Security Bulletin
This security bulletin contains one critical risk vulnerability.
EUVDB-ID: #VU27108
Risk: Critical
CVSSv3.1: 8.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:H/RL:U/RC:C]
CVE-ID: N/A
CWE-ID:
CWE-506 - Embedded Malicious Code
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain unauthorized access to the application.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor) that allows a remote attacker to gain unauthorized access to the application.
Mitigationatlas-client: 0.0.2 - 0.3.13
appium-lib: 10.5.0
action-mailer_cache_delivery: 0.3.7
activemodel_validators: 0.1.0 - 3.0.0
asciidoctor_bibliography: 0.10.3
assets-pipeline: 0.0.1 - 0.0.3
apress_validators: 0.1.0
ar_octopus-replication-tracking: 0.1.5
aliyun-open_search: 0.6.0
aliyun-mns: 0.1.11
ab_split: 1.0.2
apns-polite: 0.9.1
alephant_publisher: 0.6.10
alephant_publisher-queue: 2.6.0
alephant_publisher-request: 0.3.0
abbyy_ruby: 0.2.2
accredible_api-ruby: 0.1.50
accredible_ruby: 0.1.9
adequate-serializer: 0.3.1
algolia-places: 0.1.2
ali-dayu: 0.1.2
alias-helper: 0.1.2
alidns_ruby: 0.1.0
access-lint: 0.1.3
aligned-table: 0.1.0
alipay-dualfun: 0.4
accesslint_ci: 0.3.6
ach-client: 1.0.3
acme_cli: 0.6.1
ardm_validations: 1.2.0
alipay-escrow: 0.1.3
action-links: 0.4.1
banner-jobsub: 0.1.2
actionmailer-inline_css: 1.6.0
actionview-link-to_blank: 1.0.4
actionview-link-to_block: 1.0.2
adapter_sqlite3: 0.1.0
active_profiling: 0.1.1
active-subset-validator: 1.0.0
active-admin-duplicatable: 0.4.0
aliyun_odps: 0.4.2
aliyun_push: 0.1.0
aliyun_sdk-core: 0.1.5
active-comparison_validator: 0.1.3
active-delivery: 0.3.0
active-hash-like: 0.1.0
active-link_to: 1.0.5
active-merchant_mollie: 0.1.1
aliyun-live: 0.1.1
backbone_subroute-rails: 0.4.6
agnostic_duplicate: 1.0.1
active-model_serializers-hash_wrapper: 0.1.0
active-model_serializers-jsonapi_embedded_records_deserializer: 0.1.1
acts-as_splittable: 0.1.0
active-model_serializers_binary: 0.2.1
active-model_serializers_cancancan: 0.5.0
allscripts-unity_client: 4.0.1
acts-as_publishable: 0.3.3
active-model_serializers_validator: 1.2
amplitude_api: 0.1.1
active-model_validates_intersection_of: 1.2.0
active-model_validators_ex: 1.0.0
active-public_resources: 0.2.7
active-publisher: 1.2.0
active-record_fix_integer_limit: 0.1.7
active-record_inline_schema: 0.6.1
active-record_lite: 0.3.0
active-record_serialize_json: 0.1.4
android_command-line-tools: 0.1.0
active-replicas: 0.5.1
android-lint_translate_checkstyle_format: 0.2.0
active-scaffold_config_list_vho: 3.1.2
active-serializer: 0.1.1
active-support_alias_class_method: 1.2.0
acts-as_list_with_sti_support: 1.0.3
acts-as_liked: 0.1.0
acts-as_likeable: 0.1.0
activeadmin_mongoid-localize: 1.0.1
activeadmin-globalize_inputs: 1.0.0
apache-sling_api_client: 0.1.0
auto-localize: 0.1
auto-flick: 0.1.2
auto-click: 0.5.9
api-client_builder: 1.2.0
activemerchant_clickandbuy: 0.2.0
activemerchant_payline: 0.1.9
api-geo_client: 1.0.0
activerecord-json_validator: 1.3.0
aker-cas-cli: 1.0.0
attr-validator: 0.2.3
age-validator: 0.1.0
activerecord-globalize: 1.0.0
agave_client: 0.1.3
apple_news-client: 0.5.4
apple-class_client: 1.0.0
apple-dep_client: 2.2.2
application-digester: 0.1.6
ae-validates-timeliness: 4.0.0
application-insights: 0.5.6
application-seeds: 0.9.1
active-subset_validator: 1.0.0
aptible_cli: 0.16.3
asset-pipeline_i18n: 4.0.1.2
aptly-cli: 0.5.0
adyen_ruby-api-library: 4.0.2
asset-host_client: 1.2.1
advisors-command_client: 2.2.0
activerecord-database-validations: 1.0.3
activerecord_databasevalidations: 0.5.0
ar_serialize-helpers: 1.2.1
activerecord_duplicate: 0.6.1
aspose-slides_cloud: 19.12.0
asciidoctor_pdf-linewrap-ja: 0.6.0
address-validate: 0.1.1
arabic-normalizer: 0.1.1
archivist_client: 0.2.4
array-xml-serialization: 0.1.0
argentinian_validations: 0.1.0
ardm_serializer: 1.2.2
acme_client: 2.0.5
activerecord_denormalize: 0.2.0
arethusa_cli: 0.1.16
ardm_sqlite-adapter: 1.2.0
arethusa_client: 0.1.17
artoo_crazyflie: 0.5.0
action-cable_subscription_adapter: 0.2.2
action-pubsub: 0.2.1
action-subscriber: 5.1.5
acts-as_subscribable: 0.1.0
after-the_deadline: 0.1.3
ajax-submit_rails: 0.1.0
assembly_client: 0.9.0
assemblyline_ruby: 0.1.6
array_subindex: 1.3.1
asset-symlink: 0.3.1
aws-sns_subscription: 1.0.4
approval_ratings-cli-app: 0.1.0
campaign-monitor_subscriber: 1.0.4
activerecord_like: 2.2
applicious-utils: 0.1.95
assets-live_compile: 0.2.1
activerecord-msgpack-serializer: 0.1.1
abbyy_cloud: 0.0.10
abn-validator: 0.1.0
alias-class: 0.1.0
applicaster_logger: 0.8.4
applicant-tracking_api: 1.0.0
acception_client: 1.2.0
aliyun_mqs: 0.1.1
active_model-email-validator: 1.0.2
active-admin_filters_visibility: 1.2.0
active-application: 0.3.1
active-model_serializer_plus: 1.1.0
activerecord-rescue-from_duplicate: 0.1.3
active-model_serializers-matchers: 0.1.1
address-validator: 0.1.1
attribute-normalizer-extras: 0.1.0
audiobank_client: 0.6
allq-client: 1.1.1
active-model_serializers_matchers: 0.2.1
amazon_kinesis-client-ruby: 1.0.1
activerecord-strict_validations: 0.3.1
acts-as_commentable_with_replies: 0.1.0
acts-as_journalized: 3.3.0
amplifypay-ruby: 1.0.11
active-model_type_validator: 1.0.0
auto-scaling_methods: 0.1.0
apache-felix_webconsole_client: 0.1.1
apache-felix_api_client: 0.1.1
active-replica: 0.2.0
active-validator: 1.0.4
active-rest_client: 1.2.0
active-validation: 5.1.0
ansible-tower_client: 0.21.0
angular-form_validation: 0.1.8
angular_turbolinks: 0.1.0
android-string_resources_validator: 0.1.0
access-policy: 0.0.7
any_validate: 0.0.4
acts-as_multilingual: 0.0.1
ActiveAdmin_Globalize3-inputs: 0.0.1
authenticator_client: 0.0.4
activemerchant-banklink: 0.0.6
apiotics-aws_client: 1.0.1
ama-validators: 0.0.13
active-model_serializers_pg: 0.0.6
apiotics-aws_iot_client: 1.0.1
apitool_client: 2.0.0
acts-as_read_only_i18n_localised: 0.0.3
activerecord-safe-initialize: 0.2.0
aliyun-ruby_api: 0.0.3
appfigures-client: 0.0.2
active-model_policy: 0.0.1
active-model-permalink: 0.0.1
aliyun_slb: 0.0.1
appium-doc_lint: 0.0.11
aliyun_rds: 0.0.1
active-admin_globalize3_locale_selector: 0.0.1
activemodel-behavior-validator: 0.0.3
at_validations: 0.1.1
astroboa_cli: 0.5.0
aliyun_mq-sdk: 0.1.2
alive-state: 1.1.0
aliseeks-api: 1.0.4
alipay-global: 0.0.6
act-as_serializable: 0.0.1
access-policy_rails: 0.0.2
acts-as_localized: 0.0.3
accepts-nested_serialized_attributes: 0.0.2
alidayu-api: 0.0.2
alias-to_method: 0.0.1
alias-scope: 0.0.1
alias-metrics: 0.1.2
activemodel-email-address_validator: 2.0.0
application-config: 0.0.2
ali-mns: 0.0.5
association-validator: 0.6.1
ability-list: 0.0.4
activemodel-immutable-validator: 0.0.2
capistrano-scm-git-with_submodule_and_resolv_symlinks: 0.3.1
capistrano_copy-subdir: 0.1.0
adb_sdklib: 0.0.3
alacrity-client: 0.0.1
activerecord_jdbcsplice-adapter: 0.1.4
assets_publisher-for-hanami: 2.0.0
agile_cli: 0.0.19
activemodel-ipaddr-validator: 0.0.2
activerecord_implicit-order: 0.1.0
activerecord-forbid-implicit_connection_checkout: 1.0.0
ar-lightning: 0.0.1
assembla-cli: 0.0.2
asana_cli: 0.0.2
archive-lister: 0.0.1
adn_cli: 0.0.6
administrate_field-paperclip: 0.0.5
administrate_field-mobility: 0.0.1
acception_subscriber: 1.1.0
activemodel-base64-validator: 0.0.1
addy-caddy_client: 0.0.1
adtech_api-client: 0.0.4
addons_client: 0.0.10
alcatraz_client: 0.0.6
aliyun_mts: 0.0.0
aliyun-sls: 0.0.7
aliyun-sls_sdk: 0.0.9
also-validates: 0.0.2
acts-as_publicable: 0.0.4
android_publisher: 0.0.14
angel-list: 0.0.8
answers_ruby-client: 0.0.1
anything_slider: 0.0.1
anything-slider_rails: 0.0.2
active-pubsub: 0.0.9
capistrano_scm-gitsubmodules: 1.0.0
ability-engine: 0.0.2
apn-client: 0.0.4
apocalypse_client: 0.0.5
activerecord-serialize-coders: 0.0.1
apod_cli: 0.0.4
app_cli: 0.0.1
activerecord_publishable: 0.0.1
application-module: 0.0.2
activerecord_locking-symbolic: 0.0.1
ace_client-ext: 0.0.11
applied-css: 0.0.5
ar-database_duplicator: 0.0.2
ar-json_serialize: 0.0.3
ar-publish_control: 0.0.9
area-code_validator: 0.0.6
assemblyline_cli: 0.0.21
assemblyline_formatter: 0.0.1
active-model_version_serializers: 0.0.5
activemodel-url-validator: 0.0.4
asset-pipeline: 0.2.0
actionmailer-localized-preview: 0.0.2
active-model-attributes_validation: 0.0.1
activemodel-can-validator: 0.0.2
at-least_one_existence_validator: 0.0.3
atacama-client: 0.0.4
auth_transis-client: 0.0.5
auth-client: 0.0.3
authenticated-client: 0.0.3
auto-validate: 0.0.4
active-model_serializers-cancan: 0.0.2
asset-link: 0.0.2
assets-offline: 0.0.5
3scale-client: 2.11.0
apigee-cli: 0.0.3
asterisk_ari-client: 0.0.8
capistrano_auth-subscriber: 0.0.1
apidone_client: 0.0.3
applidget_oauth2: 0.0.3
capistrano_rails-subdir: 0.0.0
apibanca_client: 0.0.8
a1409yo-health: 0.0.2
acmesmith_designate: 0.1.1
a1408nw-Ounennhei: 2.1.3
abbreviated-methods: 0.1.0
acmesmith_ns1: 0.1.0
aastra-xml_api: 1.1.4
a1447ll-hpbd: 1.0.1
act-as_enumerable: 0.1.3
acme_smileage: 4.0.1
a15z8my-name: 0.1.0
action-meta_tags: 0.2
act-as_time_as_boolean: 1.0.1
abstract-api_wrapper: 1.3.2
acme_pki: 0.2.1
acmesmith_verisign: 0.1.3
abiquo_api: 0.1.3
acmesmith_google-cloud-dns: 0.2.0
acmesmith_google-cloud-storage: 0.1.3
active-merchant-mollie: 0.1.1
rack_envinspector: 0.1
edmunds-vin: 0.1.1
deriving-license: 0.3.1
comic-vine: 0.1.5
act-as_nameable: 0.0.3
a15666011-konagayoshi: 0.1.0
rails_test-serving: 0.1.4.2
a1548sy-yamamoto: 0.1.0
seeing-is_believing: 3.6.1
a1539kh-calculator: 0.1.9
omniauth_marvin: 1.1.0
acme-base64-hexagrams: 0.0.1
twitter_vine: 0.1.9
aai10_mechanize: 2.0.1.0
1-as_identity_function: 1.0.1
em_synchrony-dataone-vin: 0.1.0
divining-rod: 0.6.4
moving-images: 1.0.1
a-stupid_test_gem: 0.0.2
jmcnevin-rghost-barcode: 0.8.8
a1426kt-prime-number: 0.0.7
3scale-time_range: 0.3.0
a1521hk-minitest_practice: 0.1.0
a1426kt-prime_number: 0.0.7
aastra-xml-api: 1.1.4
acme_heisenberg: 0.0.1
acme_bleach: 0.0.4
absa_notify-me: 0.0.7
vagrant_hvinfo: 0.1.3
moving-average: 0.1.1
action-parameter: 0.0.3
nhtsa-vin: 0.0.8
a-special_day: 0.0.2
movingsign-api: 0.0.2
a14z6ch-elapsed_days: 0.0.5
a-stupid-test_gem: 0.0.2
living-dead: 0.0.1
ab-panel: 0.4.3
kevins-propietary_brain: 0.0.1
acme_leeway: 0.0.1
indonesian-province: 0.0.2
gimme-vins: 0.0.3
hello-kelvinst: 0.0.1
galvinhsiu-active-cart: 0.0.20
aasm-ohm_persistence: 0.0.1
first-giving_api: 0.0.1
3scale-time-range: 0.3.0
kevin-thompson: 0.0.1
mars-rover_alvin: 0.0.1
devino-sms: 0.0.2
bitmovin_api: 0.0.4
moving-words: 0.0.3
actioncontroller-parameter-filter: 0.0.2
multi-movingsign: 0.0.1
abbish-sequel_plugins: 0.0.6
forgiving-nil: 0.0.2
37_pieces-of-flair: 0.0.1
3months-staff_schedule: 0.0.3
99designs_tasks: 0.0.7
a1510jy-bmi: 0.1.0
a1520mk-exercise4: 0.1.5
aasm-active-fedora: 0.1.2
a1501da-birthday: 0.1.0
aasm-history: 0.1.3
a1508ki-ika: 0.1.0
a15745105-ichinoki: 0.4.4
a1616ts-gem: 0.1.0
a1624-bmi: 0.1.0
a1535yt-gem: 0.1.0
a1447ll-mini_test: 0.1.0
a1630ty-a1630ty: 0.2.0
a1521hk-age: 0.1.1
a1632ma-ano: 0.1.0
a15745105-ichinokii: 0.1.7
a15z7kn-niitsuma_2016_gem: 0.1.0
a-special-day: 0.0.2
a1521hk-minitest-practice: 0.1.0
a14z6ch-elapsed-days: 0.0.5
a1439ty-bmiV3: 0.0.3
a1420ks-bmi: 0.1.1
a1412tk-bmi: 0.0.3
allocation-stats: 0.1.5
alerty-plugin-datadog-event: 0.1.4
1-as-identity_function: 1.0.1
alexa-plugin_generator: 0.2.0
a1437ky-bmi3: 0.0.1
fluent_plugin-stats: 0.4.0
a1330ks-bmi: 0.0.1
active-record_stats: 0.1.5
foot-stats: 0.1.0
a1447ll-test: 0.0.1
active-scaffold_batch_vho: 3.1.7
airbrake_statsd: 0.2.1
belong_plugin-rds-pgsql-log: 0.3.2
cocoapods_fixbugs-plugin: 0.1.0
a_test-gem: 0.0.19
autoproj_stats: 0.1.0
arproxy-plugin-mysql-casual_log: 0.1.0
gamer-stats: 0.2.5
bunto-test_plugin: 1.0.0
chef_handler-statsd: 1.0.1
codestats_metrics-reporter: 0.1.13
atlassian-plugin_installer: 0.1.3
apptuit_fluent-plugin: 0.1.3
admiral-stats_parser: 1.17.1
education-stats: 1.0.0
bunto-test_plugin_malicious: 1.0.0
em_statsd-ruby: 1.0.3
emque_stats: 1.1.0
fluent_plugin-datadog-statsd: 0.0.4
commonmarker_pluggable: 0.3.0
halo-stats: 1.0.3
active-redis_stats: 0.1.3
blade-sauce-labs_plugin: 0.7.3
github_org-stats: 0.1.0
fluent_plugin-statsd: 1.0.3
fluent_plugin-statsd-event: 0.1.1
cap_drupal-multisite: 0.3.2
arctica_autorization-rails-plugin: 0.1
gitstats_rb: 2.0.0
dradis_nmap: 3.15.0
get-stats: 0.3
fluent_plugin-statsd-output: 1.4.2
fluent_plugin-stats-notifier: 0.0.5
github_release-stats: 0.0.2
fluent-plugin-haproxy-stats: 0.1.1
gitstats_ruby: 1.0.1
wordify-stuckiest: 1.1.0
fluent_plugin-dogstatsd: 0.0.6
jenkins-statsd: 0.3.1
alerty-plugin-amazon-sns: 0.0.6
em_statsd: 1.0.0
alerty_plugin-ikachan: 0.0.1
alerty_plugin-mail: 0.0.2
alerty_plugin-slack: 0.0.1
danger_apkstats: 0.2.0
contributors-stats: 1.0.0
active-model-password: 1.0.3
activeadmin-jfu_upload: 0.1.8
acts-as_explorable: 0.1.1
claide_plugins: 0.9.2
alephant_logger-statsd: 0.0.4
angular_file-upload-rails: 1.6.1.2
a1436mm-age: 0.0.3
batali_infuse: 0.2.2
bosh_plugin-pipeline: 0.2.1
bosh-cli_plugin_consul: 0.1.0
capistrano_stats: 1.1.1
bosh-lastpass_plugin: 0.0.4
active-model-better_errors: 1.6.7
bosh-cli_plugin_redis: 0.2.3
acts-as_better_tree: 1.0.0
artisan_plugin: 0.0.2
arethusa-plugin_generator: 0.0.1
spider_src: 0.1.7
alphabetical-paginate: 2.3.4
http-statsd: 0.0.2
alphabetical-paginate_uk: 1.0.1
bankgiro-inbetalningar: 1.2.0
beta_pod: 1.3.0
fluent_plugin-statsite: 0.0.7
spider_gazelle: 3.2.0
fluent_plugin-dogstatsd-mediba: 0.0.9
omniauth_mixer: 0.1.2
spider-html: 0.1.9
font_stack: 0.1.2
apress_api: 1.24.0
apress_documentation: 0.4.0
apress_moysklad: 0.1.0
ascii-press: 0.5.2
batsd_dash: 0.5.0
batch-translations: 0.1.3
batch-it: 0.1.0
commission-junction_stats: 0.0.2
active-model-password_reset: 1.0.9
batch_rails2: 0.2.0
cache-stats: 0.0.1
basic_stats: 0.0.2
aem_deploy: 0.1.26
batali_wedge: 0.1.2
airbrake-stats: 0.0.1
batali_tk: 0.2.4
3months-staff-schedule: 0.0.3
autoexec-bat: 0.1.1
api-batch: 0.1.1
ba-upload: 0.1.0
activerecord-pluck-in_batches: 0.2.1
admob-site_stats: 0.0.1
activerecord-suppress-range_error: 0.1.1
font_awesome-sass-c: 4.7.2
font_awesome-sass-mixins: 4.7.0
font_awesome-sassc: 4.7.1
font_fabulous: 1.0.5
font_awesome-sass: 5.12.0
font-assets: 0.1.14
benchmark_plot: 0.1.1
bbs-uploader: 0.1.6
aws_s3-deploy: 0.3.0
aws_codedeploy-agent: 0.1.0
auto_deploy-test: 0.1.19
api-deploy: 0.1.0
amoeba-deploy_tools: 0.0.10
batch_rails: 1.3.1
active-explorer: 0.0.9
batch-insert: 1.0
catarse-paypal_express: 3.0.2
cafepress-api: 0.3.2
bunto_press: 0.2.1
activerecord_postgresql-expression: 0.0.2
active-press: 0.1.0
resque-stuck_queue: 0.5.2
drupal-fu: 0.0.1
capistrano3_drupal: 0.0.1
git-team_stats: 0.0.1
commandsy_plugin: 0.0.1
cocoapods_icemobile-plugin: 0.0.8
alphabet_rocker: 0.1.1
bosh_plugin-generator: 0.0.1
brightbox_boxgrinder-plugins: 0.0.6
audio-mixer-sox: 1.0.3
batman_rails: 0.16.1
font_league: 1.0.0
alphabetic-paginate: 0.0.12
spider_node: 0.0.1
archive-uploader: 0.2
applogger_ruby: 0.5.3
selenium-spider: 0.1.2
ar_find-in-batches-with-order: 0.0.2
batch-actions: 0.0.2
administrate_field-password: 0.0.4
acts-as_keywordable: 0.0.9
arb-spider: 1.1.2
apress_changelogger: 0.0.1
royal-mail_scraper: 1.0.1
stuck-it_up: 0.1.0
spider-monkey: 0.0.11
backstop_deploys: 0.0.6
royal-mail_api: 0.1.1
battle_on: 0.0.4
battery-growl: 0.0.1
battering-ram: 0.0.1
beta-tools: 0.0.5
spider-bot: 0.0.5
awesome-print_carrier_wave_uploader: 0.0.1
dradis_ntospider: 3.15.0
beta-invites: 0.0.1
adwords-scraper: 0.0.2
bedrock_capistrano-uploads: 0.0.1
active-record_samplooper: 0.0.7
app_deployer: 0.0.3
lines-mixer: 0.0.1
aws-upload: 0.0.1
language-mixer: 0.0.1
font_roboto-rails: 0.0.3
aws-blue_green_deploy: 0.0.1
batched-query: 0.0.1
speed-spider: 0.0.2
asset-uploader: 0.0.3
movie-spider: 0.0.2
murmuring-spider: 0.0.2
batch-audio_convert: 0.2.0-x86_64-linux
secondhand_spider: 0.0.1
acpc-poker_player_proxy: 1.6.7
acpc-poker_types: 7.8.6
acpc-poker_match_state: 2.2.1
acpc-poker_basic_proxy: 3.2.2
active-admin-advanced_create_another: 0.1.1
active-admin_theme: 1.1.1
about-pos: 2.0.0
abstract-importer: 1.6.0
acceptance-tests_support: 1.0.2
act-blue_reporter: 0.1.0
action-component: 0.1.4
acpc-poker-player_proxy: 1.6.7
active-admin_import: 4.2.0
accessible-tooltip: 1.0.9
cards-lib: 0.2.5
acquia-toolbelt: 2.4.1
game-shuffle_cards: 1.0.5
act-as_importable: 0.0.11
active-model-policy: 0.0.1
acpc-poker-types: 7.8.6
ackintosh-net-empty-port: 0.0.1
acts-as_crafter: 1.0.0
lang-cards: 1.0.0
acpc-poker-basic_proxy: 3.2.2
active-tools: 0.2.5
acpc-poker-match_state: 2.2.1
workarea-gift-cards: 4.0.1
access-policy-rails: 0.0.2
twitter-cards: 0.1.0
damn_weather: 0.1.3
cinch_weatherman: 1.0.5
dark-sky_weather: 0.1.0
hack-cards: 0.0.4
barometer-weather-bug: 0.1.0
activerecord_db-tools: 0.0.1
ruby-playing_cards: 0.0.2
enpit-weather: 0.1.0
playing-cards: 0.0.2
airservice-build_tools: 0.0.9
ellen_weather: 0.0.1
rubylove-playing-cards: 0.0.1
current-weather: 0.0.4
fortnite-api: 0.2.0
rspec-candy: 0.5.1
candy_-sql: 0.1.0
candy-check: 0.2.1
referral-candy: 0.1.0
cinch_logsearch: 1.0.2
capistrano_telegram-notification: 0.1.1
chef-partial-search: 1.0.7
capistrano_telegram: 1.0.0
bin-search: 0.1
blinkman-twitter-search: 0.1.0
capistrano-telegram-notification: 0.1.1
barely-searchable: 1.0.0
jaconda-telegram: 1.0
binary-search_tree: 2.2
beerdb-api: 0.1.1
cloud-search: 0.2.0
biblesearch_api: 1.2.0
blacklight-advanced_search: 7.0.0
binary-search_frequency: 0.0.3
aws_elasticsearch: 0.1.0
beer-bash: 0.1.0
telegram-meetup_bot: 0.3.0
lita_onewheel-beer-apex: 0.2.7
bisearch-enzim_hu: 0.0.4
lita_onewheel-beer-baileys: 3.8.8
telegram_bot-types: 0.6.1
telegram-bot_ruby: 0.1.7
lita_onewheel-beer-base: 2.0.8
administrate-field-belongs-to_search: 0.7.0
telegram-bot_middleware: 0.3.2
lita_onewheel-beer-craftpourhouse: 1.0.0
lita_onewheel-beer-loyal-legion: 0.1.3
lita_onewheel-beer-tin-bucket: 0.1.3
activeadmin-searchable-select: 1.2.0
lita_onewheel-beer-wework: 2.3.0
lita_telegram: 0.1.0
telegram-bot_api: 0.1.0
ruboty_telegram: 1.0.0
telegram_bot-ruby: 0.12.0
aliyun-open-search: 0.6.0
lita_telegram-plus: 0.1.2
city-search: 0.0.4
chef_cloudsearch: 0.0.2
aws-cloud_search: 0.0.2
active-search: 1.0.1
amazon_search: 1.4.4
alchemy-pg-search: 1.2.0
arel-search: 0.0.5
lita_onewheel-beer-abvpub: 0.0.1
apple-store_search: 0.0.5
dog-biscuits: 0.5.9
attr-searchable: 0.0.7
lita_onewheel-beer-btu: 0.0.0
datadog_notifications: 0.6.2
lita_onewheel-beer-growlers: 0.0.1
cat_dog: 1.0.0
lita_onewheel-beer-pints: 0.0.6
acts-as_fuzzy_search: 0.0.1
lita_onewheel-beer-upperlip: 0.0.1
alerty_plugin-datadog-event: 0.1.4
airbrake_api: 4.6.1
dragonfly_cloudinary-datastore: 0.1
dragonfly_activerecord: 1.0.0
rate-beer: 0.0.2
dragonfly_cloudinary: 0.1.1
lita_onewheel-beer-wayfinder: 0.0.3
first-gem_rakesh: 0.1.0
ad-search: 0.0.2
fig-rake: 0.9.3
crl-watchdog: 1.0.0
datadog_cli: 0.1.16
adapter_elasticsearch: 0.0.4
datadog-apm: 0.9.0
airbrake-notifying_threads: 0.1.1
beer-in_the_evening: 0.0.7
dogapi_demo: 0.1.0
cordova_rake: 0.5.2
blinkist_airbrake-scrubber: 4.1.1
bard_rake: 0.17.3
airbrake-user_attributes_rails5: 0.2.0
fluent_plugin-airbrake-logger: 0.1.0
airbrake-proxy: 0.1.2
fluent_plugin-airbrake-python: 0.2
datadog-proxy: 0.0.6
airbrake-user_attributes: 0.1.6
telegram-notifications: 0.0.1
doge-linguist: 0.1.0
doge-helper: 0.1
bulldoggy_filesystem: 0.0.1
chef_handler-datadog-demo: 0.2.0
capistrano_airbrake: 0.1.1
capistrano_rake: 0.2.0
capistrano_runit-rake: 0.2.0
dradis_brakeman: 3.15.0
delayed_plugins-airbrake: 1.1.0
doge_chef-formatter: 0.0.1
cucumber-rake_runner: 0.0.3
danger_brakeman: 0.0.1
doge-woof: 0.1.10
dot-rake_tasks_in_rails: 0.0.1
execute-with_rescue_with_airbrake: 0.0.3
airbrake_graylog2: 0.0.4
ceedling_autorake: 0.0.2
dt_rake: 0.0.3
brakeman-translate_checkstyle_format: 0.0.1
chalk_rake: 0.0.3
branch-raker: 0.0.6
External linkshttp://thehackernews.com/2020/04/rubygem-typosquatting-malware.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
Yes. This vulnerability is being exploited in the wild.