PT-2018-4244 · Ruby · Lynx

Tetravista · Published 2018-01-10 · Updated 2019-05-06 · CVE-2014-5002

CVSS v3.1: 7.8 High

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

lynx gem versions prior to 1.0.0

Description

The issue allows local users to obtain sensitive information by listing processes because the configured password is placed on command lines. As of version 1.0.0, the --password option is no longer supported, and passwords are only configured in a configuration file, preventing command line exposure.

Recommendations

For versions prior to 1.0.0, update to version 1.0.0 or later, as it removes the --password option and configures passwords solely through a configuration file, thus mitigating the risk of password exposure on the command line.
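
To find hosts still running an affected invocation, process argument vectors can be audited for the --password option. The Ruby below is an added example, not code from the lynx gem or from this advisory; it reads the NUL-separated format of Linux /proc/<pid>/cmdline and masks the value so the audit report does not leak it again. The sample command lines, the /usr/bin/lynx path, the trailing argument and the acceptance of both `--password VALUE` and `--password=VALUE` forms are assumptions.

```ruby
# Added example: audit process command lines for a password passed as an
# argument. Input uses the Linux /proc/<pid>/cmdline format (NUL-separated).

PASSWORD_FLAG = "--password" # option named in the advisory

# Split a raw cmdline string into its argument vector.
def parse_cmdline(raw)
  raw.split("\0")
end

# Return [argv with any password value masked, whether a value was exposed].
def redact_password(argv)
  exposed = false
  mask_next = false
  redacted = argv.each_with_index.map do |arg, i|
    if mask_next
      mask_next = false
      "[REDACTED]"
    elsif arg == PASSWORD_FLAG
      # Separate-argument form: only an exposure if a value follows the flag.
      mask_next = exposed = true if i + 1 < argv.length
      arg
    elsif arg.start_with?("#{PASSWORD_FLAG}=")
      exposed = true
      "#{PASSWORD_FLAG}=[REDACTED]"
    else
      arg
    end
  end
  [redacted, exposed]
end

# Scan {pid => raw cmdline}; report only processes that expose a password.
def audit(processes)
  processes.each_with_object([]) do |(pid, raw), findings|
    redacted, exposed = redact_password(parse_cmdline(raw))
    findings << { pid: pid, cmdline: redacted.join(" ") } if exposed
  end
end

# Constructed sample data (hypothetical invocations, not captured output).
SAMPLE = {
  101 => "ruby\0/usr/bin/lynx\0--password\0s3cret\0example-arg\0",
  102 => "ruby\0/usr/bin/lynx\0--password=s3cret\0example-arg\0",
  103 => "ruby\0/usr/bin/lynx\0example-arg\0",
}

audit(SAMPLE).each { |f| puts "pid #{f[:pid]}: #{f[:cmdline]}" }
```

Any process reported here is on a version that still accepts the option, and its password should be rotated after upgrading to 1.0.0 or later.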

Exploit

Fix

Information Disclosure

Weakness Enumeration

Related Identifiers

CVE-2014-5002
GHSA-94CQ-7CCQ-CMCM

Affected Products

Lynx