CVE-2019-13589

Published July 14th, 2019

View on NVD ↗

CVSS v3

N/A

CVSS v2

7.5

HIGH

Affected

PROJECTS

Description

The paranoid2 gem 1.1.6 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party. The current version, without this backdoor, is 1.1.5.

rubygems/rubygems.org

The Ruby community's gem hosting service.

GitHub

2.43K

paranoid2

paranoid models for rails 4

RubyGems

170K