Description
The put_call function in the API client (api/api_client.rb) in the BaseSpace Ruby SDK (aka bio-basespace-sdk) gem 0.1.7 for Ruby uses the API_KEY on the command line, which allows remote attackers to obtain sensitive information by listing the processes.
No analysis available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
EUVD |
EUVD-2017-0336 | The put_call function in the API client (api/api_client.rb) in the BaseSpace Ruby SDK (aka bio-basespace-sdk) gem 0.1.7 for Ruby uses the API_KEY on the command line, which allows remote attackers to obtain sensitive information by listing the processes. |
Github GHSA |
GHSA-xwr3-fmgj-mmfr | Exposure of Sensitive Information in bio-basespace-sdk |
References
History
No history.
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-08-06T18:01:18.850Z
Reserved: 2013-12-15T00:00:00.000Z
Link: CVE-2013-7111
No data.
Status : Modified
Published: 2014-04-29T14:38:46.250
Modified: 2026-06-17T00:01:26.273
Link: CVE-2013-7111
No data.
OpenCVE Enrichment
No data.
Weaknesses
-
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
EUVD
Github GHSA