Skip to content

Security-related question about a possible exposed credential #71

Description

@Emma-NYL

Hello,

My name is Emma, I am conducting an academic study on possible credential exposure in public GitHub repositories.

While analyzing this repository, I found a string that may represent a credential. I'm including the code snippet below containing possible leakage. To avoid exposing sensitive information publicly, I marked the sensitive information.

Could you please help clarify whether the detected string is:

  1. a real credential, or
  2. a placeholder / example value?

Thank you for your time.


Code snippet (sensitive values masked):

         """
         This function perform the invitedaddition and deletion
         """
         self.ocommon.log_info_message("Inside invited_node_op()",self.file_name)
         gsmhost=self.ora_env_dict["ORACLE_HOSTNAME"]
         cadmin=self.ora_env_dict["SHARD_ADMIN_USER"]
         cpasswd="HIDD****TRING"
         #dtrname,dtrport,dtregion=self.process_director_vars()
         self.ocommon.set_mask_str(self.ora_env_dict["ORACLE_PWD"])
         shard_host=self.ora_env_dict["INVITED_NODE_OP"]
         shardName=shard_host.split('.',1)[1].replace("\"","")
         shardName = shardName + "_" + shardName + "pdb"
         

Thank you in advance for your time - I really appreciate it!

Sincerely,
Emma

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions