Rubysec

Providing security resources for the Ruby community.
Follow us @rubysec or email us via info at rubysec.com

---
gem: active-support
date: 2018-08-09
url: https://hackerone.com/reports/392311
cve: 2018-3779
title: Malicious ruby gem - active-support
description: |
  The gem duplicates the official `activesupport` (no hyphen) code, but adds a
  compiled extension. The extension attempts to resolve a base64-encoded
  domain, download a payload, and execute it.

  Replace this gem with the official `activesupport` gem.
related:
  url:
    - https://github.com/rubygems/rubygems.org/pull/1762
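
To check a project for this kind of lookalike name, the added example below (not Rubysec or RubyGems code) flags top-level `Gemfile.lock` entries whose name matches a well-known gem once hyphens and underscores are removed. The `OFFICIAL_GEMS` list, the helper names and the sample lockfile are assumptions constructed for illustration.

```ruby
# Added example: detect lockfile entries that differ from a well-known gem
# only by hyphens/underscores (the active-support vs activesupport pattern).

# Assumption: a short list of official names; extend it for your own stack.
OFFICIAL_GEMS = %w[activesupport activerecord actionpack rails bundler rake].freeze

# Constructed sample Gemfile.lock content (versions are illustrative).
SAMPLE_LOCKFILE = <<~LOCK
  GEM
    remote: https://rubygems.org/
    specs:
      active-support (1.0.0)
      activerecord (5.2.1)
        activesupport (= 5.2.1)
      activesupport (5.2.1)
      rake (12.3.1)

  PLATFORMS
    ruby
LOCK

# Collapse a gem name to a form that ignores case, hyphens and underscores.
def canonical(name)
  name.downcase.delete("-_")
end

# Resolved gems sit at exactly four spaces of indent under "specs:";
# their dependencies are indented six spaces and are skipped here.
def locked_gem_names(lockfile_text)
  lockfile_text.scan(/^ {4}([A-Za-z0-9._-]+) \(/).flatten.uniq
end

# Return [installed_name, official_name] pairs for every lookalike found.
def lookalikes(lockfile_text, official = OFFICIAL_GEMS)
  by_canonical = official.to_h { |name| [canonical(name), name] }
  locked_gem_names(lockfile_text).filter_map do |name|
    real = by_canonical[canonical(name)]
    [name, real] if real && real != name
  end
end

lookalikes(SAMPLE_LOCKFILE).each do |found, real|
  puts "suspicious gem '#{found}': did you mean '#{real}'?"
end
```

A hit is a prompt to inspect the gem's source and its `extensions` entry in the gemspec, not proof of compromise.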