Vultr Key
ID |
vultr_key |
Severity |
high |
Vendor |
Vultr |
Family |
API Token |
Description
Vultr provides cloud and private servers, solid-state drives (SSDs), hosting, and other cloud infrastructure solutions to help users develop, deploy, and manage applications, games, software, and operating systems. The platform allows developers to launch games servers, WordPress blogs, development environments, and more using one-click apps.
It provides an API to programmatically access Vultr products and services.
Security
Any hardcoded Vultr API Key is a potential secret reported by this detector.
Accidentally checking-in the key to source control repositories could compromise your Vultr account.
Mitigation / Fix
-
Remove the
API Keyfrom the source code or committed configuration file. -
Follow your policy for handling leaked secrets, which typically require revoking the secret in the target system(s). Go to Settings and revoke the API Key.
-
If under a git repository, you may remove unwanted files from the repository history using tools like
git filter-repoorBFG Repo-Cleaner. You may follow the procedure listed here for GitHub.
|
You should consider any sensitive data in commits with secrets as compromised. Remember that secrets may be removed from history in your projects, but not in other users' cloned or forked repositories. |