---
gem: newrelic_rpm
cve: 2013-0284
osvdb: 90189
url: https://nvd.nist.gov/vuln/detail/CVE-2013-0284
title: Ruby on Rails newrelic_rpm Gem Discloses Sensitive Information
date: 2012-12-06

description: |
  A bug in the Ruby agent causes database connection information and raw SQL
  statements to be transmitted to New Relic servers. The database connection
  information includes the database IP address, username, and password

cvss_v2: 5.0

patched_versions: 
  - ">= 3.5.3.25"