{"url":"http://public2.vulnerablecode.io/api/packages/51835?format=json","purl":"pkg:gem/bio-basespace-sdk@0","type":"gem","namespace":"","name":"bio-basespace-sdk","version":"0","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37672?format=json","vulnerability_id":"VCID-5c6s-d9cz-s3fq","summary":"Command Line API Key Disclosure\nThis package contains a flaw that is due to the API client code passing the API_KEY to a curl command. This may allow a local attacker to gain access to API key information by monitoring the process table.","references":[{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/bio-basespace-sdk/OSVDB-101031.yml","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/bio-basespace-sdk/OSVDB-101031.yml"}],"fixed_packages":[],"aliases":["CVE-2013-7111"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5c6s-d9cz-s3fq"}],"fixing_vulnerabilities":[],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/bio-basespace-sdk@0"}