Back to search
CVE-2013-7111
Published: Apr 29, 2014
Modified: Aug 6, 2024
PUBLISHED
Description
The put_call function in the API client (api/api_client.rb) in the BaseSpace Ruby SDK (aka bio-basespace-sdk) gem 0.1.7 for Ruby uses the API_KEY on the command line, which allows remote attackers to obtain sensitive information by listing the processes.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://www.vapid.dhs.org/advisories/bio-basespace-sdk.html
x_refsource_MISC
[oss-security] 20131214 Bio Basespace SDK 0.1.7 Ruby Gem exposes API Key via command line
mailing-list
x_refsource_MLIST
[oss-security] 20131215 Re: Bio Basespace SDK 0.1.7 Ruby Gem exposes API Key via command line
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now