CVSS v3.x: 9.8 (Critical)
- < 0.0.7
- >= 0.0.8
strong_password gem on RubyGems.org was hijacked by a malicious actor. The
malicious actor published v0.0.7 containing malicious code that enables an attacker
to execute remote code in production.
strong_password to v0.0.8 to ensure no malicious code execution is possible.