Vulnerabilities > Vladtheenterprising Project
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-01-10 | CVE-2014-4996 | Link Following vulnerability in Vladtheenterprising Project Vladtheenterprising 0.2.0 lib/vlad/dba/mysql.rb in the VladTheEnterprising gem 0.2 for Ruby allows local users to write to arbitrary files via a symlink attack on /tmp/my.cnf.#{target_host}. | 5.5 |
2018-01-10 | CVE-2014-4995 | Race Condition vulnerability in Vladtheenterprising Project Vladtheenterprising 0.2.0 Race condition in lib/vlad/dba/mysql.rb in the VladTheEnterprising gem 0.2 for Ruby allows local users to obtain sensitive information by reading the MySQL root password from a temporary file before it is removed. | 7.0 |