CVE-2019-13354

Published July 8th, 2019

View on NVD ↗

CVSS v3

N/A

CVSS v2

7.5

HIGH

Affected

PROJECTS

Description

The strong_password gem 0.0.7 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party. The current version, without this backdoor, is 0.0.6.

bdmac/strong_password

Entropy-based password strength checking for Ruby and Rails.

GitHub

338

strong_password

Entropy-based password strength checking for Ruby and ActiveModel

RubyGems

4.14M