Malicious Ruby gem - active-support
Published: August 09, 2018
SECURITY IDENTIFIERS
- CVE: CVE-2018-3779 (NVD)
- GHSA: GHSA-2j55-pcw5-x4h2
- Vendor Advisory: https://hackerone.com/reports/392311
GEM
PATCHED VERSIONS
None available.
DESCRIPTION
The gem duplicates the code of the official activesupport gem (no hyphen), but
adds a compiled extension. The extension attempts to resolve a Base64-encoded
domain, downloads a payload, and executes it.
Replace this gem with the official activesupport gem.
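
One way to check a project for this kind of lookalike name is to scan Gemfile.lock for entries that match an official gem once hyphens and underscores are removed. This is an added example, not code from the advisory; the helper names, the list of official gems and the sample lockfile (including its version numbers) are assumptions constructed for illustration.

```ruby
# Added example: flags lockfile entries whose name collides with a
# well-known gem once '-' and '_' are stripped (e.g. active-support).
require "set"

# Assumption: a short list of official names to protect; extend as needed.
OFFICIAL_GEMS = %w[activesupport activerecord actionpack rails].to_set.freeze

# Strip separators and case so "active-support" and "activesupport" compare equal.
def normalize(name)
  name.downcase.delete("-_")
end

# Parse the "specs:" entries of a Gemfile.lock; return [[name, version], ...].
# Only top-level spec lines (4-space indent) are read, not their dependencies.
def locked_gems(lockfile_text)
  lockfile_text.each_line.filter_map do |line|
    m = line.match(/\A {4}([A-Za-z0-9._-]+) \(([^)]+)\)\s*\z/)
    [m[1], m[2]] if m
  end
end

# Return entries whose name is NOT official but normalizes to an official one.
def lookalike_gems(lockfile_text, official = OFFICIAL_GEMS)
  canon = official.to_h { |n| [normalize(n), n] }
  locked_gems(lockfile_text).filter_map do |name, version|
    next if official.include?(name)
    real = canon[normalize(name)]
    { name: name, version: version, impersonates: real } if real
  end
end

# Constructed sample lockfile (versions are illustrative, not from the advisory).
SAMPLE_LOCK = <<~LOCK
  GEM
    remote: https://rubygems.org/
    specs:
      active-support (0.0.1)
      activesupport (5.2.0)
        concurrent-ruby (~> 1.0)
      concurrent-ruby (1.0.5)
LOCK

if __FILE__ == $PROGRAM_NAME
  lookalike_gems(SAMPLE_LOCK).each do |hit|
    puts "#{hit[:name]} #{hit[:version]} looks like #{hit[:impersonates]}"
  end
end
```

A hit means the lockfile pins a gem that is not the official one; the official gem being present alongside it, as in the sample, does not make the lookalike safe.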
