class Dawn::Kb::OSVDB_118830
Automatically created with rake on 2015-04-05
Public Class Methods
new()
click to toggle source
include RubyVersionCheck
Calls superclass method
Dawn::Kb::DependencyCheck::new
# File lib/dawn/kb/osvdb_118830.rb, line 10 def initialize message = "Doorkeeper Gem for Ruby contains a flaw in lib/doorkeeper/engine.rb. The issue is due to the program storing sensitive information in production logs. This may allow a local attacker to gain access to sensitive information." super({ :name=> "OSVDB_118830", :cve=>"", :osvdb=>"118830", :cvss=>"", :release_date => Date.new(2015, 2, 10), :cwe=>"", :owasp=>"A6", :applies=>["rails", "sinatra", "padrino"], :kind=>Dawn::KnowledgeBase::DEPENDENCY_CHECK, :message=>message, :mitigation=>"Please upgrade doorkeeper gem version at least to 2.1.2. As a general rule, using the latest stable version is recommended.", :aux_links=>[""] }) self.safe_dependencies = [{:name=>"doorkeeper", :version=>['2.1.2']}] end