brbackup 0.1.0

3 security vulnerabilities found in version 0.1.0

brbackup Gem for Ruby dbuser Variable Shell Metacharacter Injection Remote Command Execution

high severity OSVDB-108900

brbackup Gem for Ruby contains a flaw that is triggered when input passed via the 'dbuser' variable is not properly sanitized. This may allow a remote attacker to inject shell metacharacters and execute arbitrary commands.

brbackup Gem for Ruby /lib/brbackup.rb name Parameter SQL Injection

high severity OSVDB-108899

brbackup Gem for Ruby contains a flaw that may allow an SQL injection attack. The issue is due to the /lib/brbackup.rb script not properly sanitizing user-supplied input to the 'name' parameter. This may allow a remote attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.

brbackup Gem for Ruby Process List Local Plaintext Password Disclosure

high severity CVE-2014-5004

brbackup Gem for Ruby contains a flaw in which the program exposes password information in plaintext in the process list. This may allow a local attacker to gain access to password information.

No officially reported memory leakage issues detected.


This gem version does not have any officially reported memory leak issues.

Author did not declare license for this gem in the gemspec.


This gem version has an MIT license in the source code; however, it was not declared in the gemspec file.

This gem version is available.


This gem version has not been yanked and is still available for usage.