[xaviershay-dm-rails] xaviershay-dm-rails Gem for Ruby exposes sensitive information via the process table

xaviershay-dm-rails Gem for Ruby contains a flaw in the execute() function in /datamapper/dm-rails/blob/master/lib/dm-rails/storage.rb. The issue is due to the function exposing sensitive information via the process table. This may allow a local attack to gain access to MySQL credential information.

References

• https://nvd.nist.gov/vuln/detail/CVE-2015-2179
• https://github.com/rubysec/ruby-advisory-db/blob/master/gems/xaviershay-dm-rails/CVE-2015-2179.yml
• https://github.com/advisories/GHSA-88p8-4vv5-82j7