CVE-2015-3448 Information

Description

REST client for Ruby (aka rest-client) before 1.7.3 logs usernames and passwords which allows local users to obtain sensitive information by reading the log.

Reference

http://lists.opensuse.org/opensuse-updates/2015-04/msg00026.html http://www.osvdb.org/117461 http://www.securityfocus.com/bid/74415 https://github.com/rest-client/rest-client/issues/349