All Topics
All Topics
Technology
Technology
AI
AI
Business
Business
Entertainment
Entertainment
News
News
Programming
Programming
Science
Science
Design
Design
Environment
Environment
Finance
Finance
Crypto
Crypto
Politics
Politics
Sports
Sports
Education
Education
Gaming
Gaming
Art
Art
Music
Music
Health
Health
Security
Security
Books
Books
Food
Food
Travel
Travel
Personal
Personal
Bluesky
Twitter

Code execution back door found in Ruby’s rest-client library

6y agoen

Source

SnykCode execution back door found in Ruby’s rest-client librarysnyk.io
Snippet from the RSS feed
On August 19th, 2019 rest-client, a simple HTTP and REST client for Ruby, reported a new security threat. A maintainer’s RubyGem account was compromised and a malicious third party installed a code execution back door. The exploit affects versions greater than 1.6.10 and less than 1.7.0.rc1.

You might also wanna read

Addressing Flaws in Ruby's JSON Gem API

The article discusses the issues with the JSON gem API in Ruby, highlighting its problematic and sometimes dangerous APIs. The author, who i

byroot.github.io·11mo ago

HTTPjail: Fine-grained HTTP Filtering for AI Coding Agents and Development Tools

The article introduces httpjail, a security tool designed to provide fine-grained HTTP filtering for AI coding agents and development tools.

ammar.io·9mo ago

Developer discovers remote code execution backdoor hidden in fake crypto startup job offer on LinkedIn

A security-conscious developer receives a LinkedIn job offer from a recruiter at a crypto startup. Suspicious of the request to review a Git

roman.pt·22d ago

Developer discovers remote code execution backdoor hidden in fake crypto startup job offer on LinkedIn

A security-conscious developer receives a LinkedIn job offer from a recruiter at a crypto startup. Suspicious of the request to review a Git

roman.pt·22d ago

Security Analysis: CodeRabbit Vulnerability Led to RCE and Access to 1 Million Repositories

A detailed security disclosure explaining how researchers achieved remote code execution on CodeRabbit's production servers, leaked API toke

research.kudelskisecurity.com·10mo ago

Critical Remote Code Execution Vulnerability Discovered in Widely Used protobuf.js Library

A critical remote code execution vulnerability has been discovered in protobuf.js, a widely used JavaScript implementation of Google's Proto

bleepingcomputer.com·2mo ago

Memory Disclosure Vulnerability Discovered in Ruby 4.0.0's Array#pack Method

A security researcher discovered a memory disclosure vulnerability in Ruby 4.0.0's Array#pack method that allows reading memory beyond alloc

nastystereo.com·6mo ago

Comments

Sign in to join the conversation.

No comments yet. Be the first.