CVE-2019-13589 (paranoid2): Code backdoor in paranoid2

CVE: CVE-2019-13589 ( NVD )
GHSA: GHSA-4g4c-8gqh-m4vm
Vendor Advisory: https://github.com/rubygems/rubygems.org/issues/2051

Code backdoor in paranoid2

Published: July 16, 2019

CVSS v3.x: 9.8 (Critical)

> 1.1.6 < 1.1.6

None available.

The paranoid2 gem 1.1.6 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party.

The current version, without this backdoor, is 1.1.5.