FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

rest-client -- plaintext password disclosure

Affected packages
rubygem-rest-client < 1.6.7_1

Details

VuXML ID ffe2d86c-07d9-11e5-9a28-001e67150279
Discovery 2015-01-12
Entry 2015-05-31
Modified 2015-09-28

The open sourced vulnerability database reports:

REST Client for Ruby contains a flaw that is due to the application logging password information in plaintext. This may allow a local attacker to gain access to password information.

References

CVE Name CVE-2015-3448
FreeBSD PR ports/200504
URL http://osvdb.org/show/osvdb/117461
URL https://github.com/rest-client/rest-client/issues/349