xaviershay-dm-rails Gem for Ruby contains a flaw in the execute()
function in /datamapper/dm-rails/blob/master/lib/dm-rails/storage.rb
. The issue is due to the function exposing sensitive information via the process table. This may allow a local attack to gain access to MySQL credential information.
もっと詳しく