RubySec

Providing security resources for the Ruby community

CVE-2013-0284 (newrelic_rpm): Ruby on Rails newrelic_rpm Gem Discloses Sensitive Information

GEM

newrelic_rpm

SEVERITY

CVSS v2.0: 5.0 (Medium)

PATCHED VERSIONS

  • >= 3.5.3.25

DESCRIPTION

A bug in the Ruby agent causes database connection information and raw SQL statements to be transmitted to New Relic servers. The database connection information includes the database IP address, username, and password.
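
One way to check whether a project's Gemfile.lock pins newrelic_rpm at or above the patched version listed above. This is an added example, not code from RubySec or New Relic; the lockfile contents are constructed samples and the helper names `locked_version` and `cve_2013_0284_status` are hypothetical.

```ruby
require "rubygems"

# Patched range as listed in the advisory.
PATCHED = Gem::Requirement.new(">= 3.5.3.25")
GEM_NAME = "newrelic_rpm"

# Constructed sample lockfile contents (not taken from a real project).
SAMPLE_OLD_LOCK = <<~LOCK
  GEM
    remote: https://rubygems.org/
    specs:
      newrelic_rpm (3.5.3.24)
      rake (10.0.3)

  PLATFORMS
    ruby

  DEPENDENCIES
    newrelic_rpm
    rake
LOCK
SAMPLE_PATCHED_LOCK = SAMPLE_OLD_LOCK.sub("3.5.3.24", "3.5.3.25")

# Return the locked Gem::Version of `name`, or nil if the gem is not locked.
def locked_version(lock_text, name)
  in_specs = false
  lock_text.each_line do |line|
    if line =~ /\A  specs:\s*\z/
      in_specs = true
    elsif line =~ /\A\S/ # a new top-level section ends the specs list
      in_specs = false
    elsif in_specs && (m = line.match(/\A    (\S+) \(([^)]+)\)\s*\z/))
      return Gem::Version.new(m[2].split("-").first) if m[1] == name
    end
  end
  nil
end

# :not_present, :patched, or :unpatched (below the advisory's patched version).
def cve_2013_0284_status(lock_text)
  version = locked_version(lock_text, GEM_NAME)
  return :not_present if version.nil?
  PATCHED.satisfied_by?(version) ? :patched : :unpatched
end

if __FILE__ == $PROGRAM_NAME
  text = ARGV[0] ? File.read(ARGV[0]) : SAMPLE_OLD_LOCK
  puts "#{GEM_NAME}: #{cve_2013_0284_status(text)}"
end
```

Pass the path to a Gemfile.lock as the first argument to check a real project; with no argument the script reports on the constructed sample.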