OSVDB-115091: Redirection Remote HTTP Basic Authentication Credential Disclosure

February 12, 2013

This package contains a flaw that is triggered during the redirection to other hosts. This may allow a remote attacker to gain access to HTTP basic authentication credential information.

References

github.com/rubysec/ruby-advisory-db/blob/master/gems/bundler/OSVDB-115091.yml

Detect and mitigate OSVDB-115091 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →