Rubysec

Providing security resources for the Ruby community.
Follow us @rubysec or email us via info at rubysec.com

Advisory Archive

Back

---
gem: rest-client
date: 2019-08-19
url: https://github.com/rest-client/rest-client/issues/713
cve: 2019-15224
title: Code execution backdoor in rest-client
description: |
  The rest-client gem 1.6.13 for Ruby, as distributed on RubyGems.org,
  included a code-execution backdoor inserted by a third party.
unaffected_versions:
- "<= 1.6.9"
- ">= 1.6.14"