RubySec

Providing security resources for the Ruby community

CVE-2018-3779 (active-support): Malicious ruby gem - active-support

ADVISORIES

GEM

active-support

PATCHED VERSIONS

None.

DESCRIPTION

The gem duplicates official activesupport (no hyphen) code, but adds a compiled extension. The extension attempts to resolve a base64 encoded domain, downloads a payload, and executes.

Replace this gem with the official activesupport gem.