Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The put_call function in the API client (api/api_client.rb) in the BaseSpace Ruby SDK (aka bio-basespace-sdk) gem 0.1.7 for Ruby uses the API_KEY on the command line, which allows remote attackers to obtain sensitive information by listing the processes.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Bio Basespace SDK API Key 本地信息泄露漏洞
Vulnerability Description
BaseSpace Ruby SDK gem for Ruby(也称bio-basespace-sdk)是BaseSpace Ruby SDK项目的一套基于Ruby的软件开发工具包。 Ruby的BaseSpace Ruby SDK gem 0.1.7版本的API客户端(api/api_client.rb)的‘put_call’函数存在安全漏洞,该漏洞源于程序在命令行使用API_KEY。远程攻击者可通过监听进程利用该漏洞获取敏感消息。
CVSS Information
N/A
Vulnerability Type
N/A