CVE-2013-7111: Command Line API Key Disclosure

April 29, 2014

This package contains a flaw that is due to the API client code passing the API_KEY to a curl command. This may allow a local attacker to gain access to API key information by monitoring the process table.

References

github.com/rubysec/ruby-advisory-db/blob/master/gems/bio-basespace-sdk/OSVDB-101031.yml

Code Behaviors & Features

Detect and mitigate CVE-2013-7111 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →