Skip to content

High severity vulnerability that affects many_versioned_gem

High severity GitHub Reviewed Published Feb 5, 2019 in rschultheis/many_versioned_gem • Updated Jan 9, 2023
Withdrawn This advisory was withdrawn on Jun 16, 2020

Package

bundler many_versioned_gem (RubyGems)

Affected versions

< 0.2.3

Patched versions

0.2.3

Description

Logs password in plaintext

Impact

Logs the password used in plaintext. The password should masked in logs to prevent it leaking.

Patches

Has the problem been patched? What versions should users upgrade to?

Workarounds

none

See also

Are there any links users can visit to find out more information?

Package Ecosystem

RubyGems

Package Name

many_versioned_gem

Affected Versions

< 0.2.2

Patches

0.2.3

References

@rschultheis rschultheis published to rschultheis/many_versioned_gem Feb 5, 2019
Published to the GitHub Advisory Database Feb 5, 2019
Reviewed Jun 16, 2020
Withdrawn Jun 16, 2020
Last updated Jan 9, 2023

Severity

High

Weaknesses

No CWEs

CVE ID

No known CVE

GHSA ID

GHSA-hhxm-4f85-rgr8

Source code

No known source code
Loading Checking history
See something to contribute? Suggest improvements for this vulnerability.