title: Remote code execution in bootstrap-sass
description: "Arbitrary code execution (via backdoor code, when \ndownloaded from
rubygems.org) was discovered in \nbootstrap-sass 18.104.22.168.\n\nUsers are advised to
upgrade immediately to 22.214.171.124\n\nAn unauthenticated attacker can craft the ___cfduid
cookie value\nwith base64 arbitrary code to be executed via eval(), which can\nbe
leveraged to execute arbitrary code on the target system. \n(Note that there are
three underscore characters in the cookie name. \nThis is unrelated to the __cfduid
cookie that is legitimately used by \nCloudflare.)\n"
- "<= 126.96.36.199"
- ">= 188.8.131.52"