Backdoors in multiple gems for Ruby



Published: 2020-04-22
Risk Critical
Patch available NO
Number of vulnerabilities 1
CVE ID N/A
CWE ID CWE-506
Exploitation vector Network
Public exploit Vulnerability #1 is being exploited in the wild.
Vulnerable software
Subscribe
atlas-client
Web applications / Modules and components for CMS

appium-lib
Web applications / Modules and components for CMS

action-mailer_cache_delivery
Web applications / Modules and components for CMS

activemodel_validators
Web applications / Modules and components for CMS

asciidoctor_bibliography
Web applications / Modules and components for CMS

assets-pipeline
Web applications / Modules and components for CMS

apress_validators
Web applications / Modules and components for CMS

ar_octopus-replication-tracking
Web applications / Modules and components for CMS

aliyun-open_search
Web applications / Modules and components for CMS

aliyun-mns
Web applications / Modules and components for CMS

ab_split
Web applications / Modules and components for CMS

apns-polite
Web applications / Modules and components for CMS

alephant_publisher
Web applications / Modules and components for CMS

alephant_publisher-queue
Web applications / Modules and components for CMS

alephant_publisher-request
Web applications / Modules and components for CMS

abbyy_ruby
Web applications / Modules and components for CMS

accredible_api-ruby
Web applications / Modules and components for CMS

accredible_ruby
Web applications / Modules and components for CMS

adequate-serializer
Web applications / Modules and components for CMS

algolia-places
Web applications / Modules and components for CMS

ali-dayu
Web applications / Modules and components for CMS

alias-helper
Web applications / Modules and components for CMS

alidns_ruby
Web applications / Modules and components for CMS

access-lint
Web applications / Modules and components for CMS

aligned-table
Web applications / Modules and components for CMS

alipay-dualfun
Web applications / Modules and components for CMS

accesslint_ci
Web applications / Modules and components for CMS

ach-client
Web applications / Modules and components for CMS

acme_cli
Web applications / Modules and components for CMS

ardm_validations
Web applications / Modules and components for CMS

alipay-escrow
Web applications / Modules and components for CMS

action-links
Web applications / Modules and components for CMS

banner-jobsub
Web applications / Modules and components for CMS

actionmailer-inline_css
Web applications / Modules and components for CMS

actionview-link-to_blank
Web applications / Modules and components for CMS

actionview-link-to_block
Web applications / Modules and components for CMS

adapter_sqlite3
Web applications / Modules and components for CMS

active_profiling
Web applications / Modules and components for CMS

active-subset-validator
Web applications / Modules and components for CMS

active-admin-duplicatable
Web applications / Modules and components for CMS

aliyun_odps
Web applications / Modules and components for CMS

aliyun_push
Web applications / Modules and components for CMS

aliyun_sdk-core
Web applications / Modules and components for CMS

active-comparison_validator
Web applications / Modules and components for CMS

active-delivery
Web applications / Modules and components for CMS

active-hash-like
Web applications / Modules and components for CMS

active-link_to
Web applications / Modules and components for CMS

active-merchant_mollie
Web applications / Modules and components for CMS

aliyun-live
Web applications / Modules and components for CMS

backbone_subroute-rails
Web applications / Modules and components for CMS

agnostic_duplicate
Web applications / Modules and components for CMS

active-model_serializers-hash_wrapper
Web applications / Modules and components for CMS

active-model_serializers-jsonapi_embedded_records_deserializer
Web applications / Modules and components for CMS

acts-as_splittable
Web applications / Modules and components for CMS

active-model_serializers_binary
Web applications / Modules and components for CMS

active-model_serializers_cancancan
Web applications / Modules and components for CMS

allscripts-unity_client
Web applications / Modules and components for CMS

acts-as_publishable
Web applications / Modules and components for CMS

active-model_serializers_validator
Web applications / Modules and components for CMS

amplitude_api
Web applications / Modules and components for CMS

active-model_validates_intersection_of
Web applications / Modules and components for CMS

active-model_validators_ex
Web applications / Modules and components for CMS

active-public_resources
Web applications / Modules and components for CMS

active-publisher
Web applications / Modules and components for CMS

active-record_fix_integer_limit
Web applications / Modules and components for CMS

active-record_inline_schema
Web applications / Modules and components for CMS

active-record_lite
Web applications / Modules and components for CMS

active-record_serialize_json
Web applications / Modules and components for CMS

android_command-line-tools
Web applications / Modules and components for CMS

active-replicas
Web applications / Modules and components for CMS

android-lint_translate_checkstyle_format
Web applications / Modules and components for CMS

active-scaffold_config_list_vho
Web applications / Modules and components for CMS

active-serializer
Web applications / Modules and components for CMS

active-support_alias_class_method
Web applications / Modules and components for CMS

acts-as_list_with_sti_support
Web applications / Modules and components for CMS

acts-as_liked
Web applications / Modules and components for CMS

acts-as_likeable
Web applications / Modules and components for CMS

activeadmin_mongoid-localize
Web applications / Modules and components for CMS

activeadmin-globalize_inputs
Web applications / Modules and components for CMS

apache-sling_api_client
Web applications / Modules and components for CMS

auto-localize
Web applications / Modules and components for CMS

auto-flick
Web applications / Modules and components for CMS

auto-click
Web applications / Modules and components for CMS

api-client_builder
Web applications / Modules and components for CMS

activemerchant_clickandbuy
Web applications / Modules and components for CMS

activemerchant_payline
Web applications / Modules and components for CMS

api-geo_client
Web applications / Modules and components for CMS

activerecord-json_validator
Web applications / Modules and components for CMS

aker-cas-cli
Web applications / Modules and components for CMS

attr-validator
Web applications / Modules and components for CMS

age-validator
Web applications / Modules and components for CMS

activerecord-globalize
Web applications / Modules and components for CMS

agave_client
Web applications / Modules and components for CMS

apple_news-client
Web applications / Modules and components for CMS

apple-class_client
Web applications / Modules and components for CMS

apple-dep_client
Web applications / Modules and components for CMS

application-digester
Web applications / Modules and components for CMS

ae-validates-timeliness
Web applications / Modules and components for CMS

application-insights
Web applications / Modules and components for CMS

application-seeds
Web applications / Modules and components for CMS

active-subset_validator
Web applications / Modules and components for CMS

aptible_cli
Web applications / Modules and components for CMS

asset-pipeline_i18n
Web applications / Modules and components for CMS

aptly-cli
Web applications / Modules and components for CMS

adyen_ruby-api-library
Web applications / Modules and components for CMS

asset-host_client
Web applications / Modules and components for CMS

advisors-command_client
Web applications / Modules and components for CMS

activerecord-database-validations
Web applications / Modules and components for CMS

activerecord_databasevalidations
Web applications / Modules and components for CMS

ar_serialize-helpers
Web applications / Modules and components for CMS

activerecord_duplicate
Web applications / Modules and components for CMS

aspose-slides_cloud
Web applications / Modules and components for CMS

asciidoctor_pdf-linewrap-ja
Web applications / Modules and components for CMS

address-validate
Web applications / Modules and components for CMS

arabic-normalizer
Web applications / Modules and components for CMS

archivist_client
Web applications / Modules and components for CMS

array-xml-serialization
Web applications / Modules and components for CMS

argentinian_validations
Web applications / Modules and components for CMS

ardm_serializer
Web applications / Modules and components for CMS

acme_client
Web applications / Modules and components for CMS

activerecord_denormalize
Web applications / Modules and components for CMS

arethusa_cli
Web applications / Modules and components for CMS

ardm_sqlite-adapter
Web applications / Modules and components for CMS

arethusa_client
Web applications / Modules and components for CMS

artoo_crazyflie
Web applications / Modules and components for CMS

action-cable_subscription_adapter
Web applications / Modules and components for CMS

action-pubsub
Web applications / Modules and components for CMS

action-subscriber
Web applications / Modules and components for CMS

acts-as_subscribable
Web applications / Modules and components for CMS

after-the_deadline
Web applications / Modules and components for CMS

ajax-submit_rails
Web applications / Modules and components for CMS

assembly_client
Web applications / Modules and components for CMS

assemblyline_ruby
Web applications / Modules and components for CMS

array_subindex
Web applications / Modules and components for CMS

asset-symlink
Web applications / Modules and components for CMS

aws-sns_subscription
Web applications / Modules and components for CMS

approval_ratings-cli-app
Web applications / Modules and components for CMS

campaign-monitor_subscriber
Web applications / Modules and components for CMS

activerecord_like
Web applications / Modules and components for CMS

applicious-utils
Web applications / Modules and components for CMS

assets-live_compile
Web applications / Modules and components for CMS

activerecord-msgpack-serializer
Web applications / Modules and components for CMS

abbyy_cloud
Web applications / Modules and components for CMS

abn-validator
Web applications / Modules and components for CMS

alias-class
Web applications / Modules and components for CMS

applicaster_logger
Web applications / Modules and components for CMS

applicant-tracking_api
Web applications / Modules and components for CMS

acception_client
Web applications / Modules and components for CMS

aliyun_mqs
Web applications / Modules and components for CMS

active_model-email-validator
Web applications / Modules and components for CMS

active-admin_filters_visibility
Web applications / Modules and components for CMS

active-application
Web applications / Modules and components for CMS

active-model_serializer_plus
Web applications / Modules and components for CMS

activerecord-rescue-from_duplicate
Web applications / Modules and components for CMS

active-model_serializers-matchers
Web applications / Modules and components for CMS

address-validator
Web applications / Modules and components for CMS

attribute-normalizer-extras
Web applications / Modules and components for CMS

audiobank_client
Web applications / Modules and components for CMS

allq-client
Web applications / Modules and components for CMS

active-model_serializers_matchers
Web applications / Modules and components for CMS

amazon_kinesis-client-ruby
Web applications / Modules and components for CMS

activerecord-strict_validations
Web applications / Modules and components for CMS

acts-as_commentable_with_replies
Web applications / Modules and components for CMS

acts-as_journalized
Web applications / Modules and components for CMS

amplifypay-ruby
Web applications / Modules and components for CMS

active-model_type_validator
Web applications / Modules and components for CMS

auto-scaling_methods
Web applications / Modules and components for CMS

apache-felix_webconsole_client
Web applications / Modules and components for CMS

apache-felix_api_client
Web applications / Modules and components for CMS

active-replica
Web applications / Modules and components for CMS

active-validator
Web applications / Modules and components for CMS

active-rest_client
Web applications / Modules and components for CMS

active-validation
Web applications / Modules and components for CMS

ansible-tower_client
Web applications / Modules and components for CMS

angular-form_validation
Web applications / Modules and components for CMS

angular_turbolinks
Web applications / Modules and components for CMS

android-string_resources_validator
Web applications / Modules and components for CMS

access-policy
Web applications / Modules and components for CMS

any_validate
Web applications / Modules and components for CMS

acts-as_multilingual
Web applications / Modules and components for CMS

ActiveAdmin_Globalize3-inputs
Web applications / Modules and components for CMS

authenticator_client
Web applications / Modules and components for CMS

activemerchant-banklink
Web applications / Modules and components for CMS

apiotics-aws_client
Web applications / Modules and components for CMS

ama-validators
Web applications / Modules and components for CMS

active-model_serializers_pg
Web applications / Modules and components for CMS

apiotics-aws_iot_client
Web applications / Modules and components for CMS

apitool_client
Web applications / Modules and components for CMS

acts-as_read_only_i18n_localised
Web applications / Modules and components for CMS

activerecord-safe-initialize
Web applications / Modules and components for CMS

aliyun-ruby_api
Web applications / Modules and components for CMS

appfigures-client
Web applications / Modules and components for CMS

active-model_policy
Web applications / Modules and components for CMS

active-model-permalink
Web applications / Modules and components for CMS

aliyun_slb
Web applications / Modules and components for CMS

appium-doc_lint
Web applications / Modules and components for CMS

aliyun_rds
Web applications / Modules and components for CMS

active-admin_globalize3_locale_selector
Web applications / Modules and components for CMS

activemodel-behavior-validator
Web applications / Modules and components for CMS

at_validations
Web applications / Modules and components for CMS

astroboa_cli
Web applications / Modules and components for CMS

aliyun_mq-sdk
Web applications / Modules and components for CMS

alive-state
Web applications / Modules and components for CMS

aliseeks-api
Web applications / Modules and components for CMS

alipay-global
Web applications / Modules and components for CMS

act-as_serializable
Web applications / Modules and components for CMS

access-policy_rails
Web applications / Modules and components for CMS

acts-as_localized
Web applications / Modules and components for CMS

accepts-nested_serialized_attributes
Web applications / Modules and components for CMS

alidayu-api
Web applications / Modules and components for CMS

alias-to_method
Web applications / Modules and components for CMS

alias-scope
Web applications / Modules and components for CMS

alias-metrics
Web applications / Modules and components for CMS

activemodel-email-address_validator
Web applications / Modules and components for CMS

application-config
Web applications / Modules and components for CMS

ali-mns
Web applications / Modules and components for CMS

association-validator
Web applications / Modules and components for CMS

ability-list
Web applications / Modules and components for CMS

activemodel-immutable-validator
Web applications / Modules and components for CMS

capistrano-scm-git-with_submodule_and_resolv_symlinks
Web applications / Modules and components for CMS

capistrano_copy-subdir
Web applications / Modules and components for CMS

adb_sdklib
Web applications / Modules and components for CMS

alacrity-client
Web applications / Modules and components for CMS

activerecord_jdbcsplice-adapter
Web applications / Modules and components for CMS

assets_publisher-for-hanami
Web applications / Modules and components for CMS

agile_cli
Web applications / Modules and components for CMS

activemodel-ipaddr-validator
Web applications / Modules and components for CMS

activerecord_implicit-order
Web applications / Modules and components for CMS

activerecord-forbid-implicit_connection_checkout
Web applications / Modules and components for CMS

ar-lightning
Web applications / Modules and components for CMS

assembla-cli
Web applications / Modules and components for CMS

asana_cli
Web applications / Modules and components for CMS

archive-lister
Web applications / Modules and components for CMS

adn_cli
Web applications / Modules and components for CMS

administrate_field-paperclip
Web applications / Modules and components for CMS

administrate_field-mobility
Web applications / Modules and components for CMS

acception_subscriber
Web applications / Modules and components for CMS

activemodel-base64-validator
Web applications / Modules and components for CMS

addy-caddy_client
Web applications / Modules and components for CMS

adtech_api-client
Web applications / Modules and components for CMS

addons_client
Web applications / Modules and components for CMS

alcatraz_client
Web applications / Modules and components for CMS

aliyun_mts
Web applications / Modules and components for CMS

aliyun-sls
Web applications / Modules and components for CMS

aliyun-sls_sdk
Web applications / Modules and components for CMS

also-validates
Web applications / Modules and components for CMS

acts-as_publicable
Web applications / Modules and components for CMS

android_publisher
Web applications / Modules and components for CMS

angel-list
Web applications / Modules and components for CMS

answers_ruby-client
Web applications / Modules and components for CMS

anything_slider
Web applications / Modules and components for CMS

anything-slider_rails
Web applications / Modules and components for CMS

active-pubsub
Web applications / Modules and components for CMS

capistrano_scm-gitsubmodules
Web applications / Modules and components for CMS

ability-engine
Web applications / Modules and components for CMS

apn-client
Web applications / Modules and components for CMS

apocalypse_client
Web applications / Modules and components for CMS

activerecord-serialize-coders
Web applications / Modules and components for CMS

apod_cli
Web applications / Modules and components for CMS

app_cli
Web applications / Modules and components for CMS

activerecord_publishable
Web applications / Modules and components for CMS

application-module
Web applications / Modules and components for CMS

activerecord_locking-symbolic
Web applications / Modules and components for CMS

ace_client-ext
Web applications / Modules and components for CMS

applied-css
Web applications / Modules and components for CMS

ar-database_duplicator
Web applications / Modules and components for CMS

ar-json_serialize
Web applications / Modules and components for CMS

ar-publish_control
Web applications / Modules and components for CMS

area-code_validator
Web applications / Modules and components for CMS

assemblyline_cli
Web applications / Modules and components for CMS

assemblyline_formatter
Web applications / Modules and components for CMS

active-model_version_serializers
Web applications / Modules and components for CMS

activemodel-url-validator
Web applications / Modules and components for CMS

asset-pipeline
Web applications / Modules and components for CMS

actionmailer-localized-preview
Web applications / Modules and components for CMS

active-model-attributes_validation
Web applications / Modules and components for CMS

activemodel-can-validator
Web applications / Modules and components for CMS

at-least_one_existence_validator
Web applications / Modules and components for CMS

atacama-client
Web applications / Modules and components for CMS

auth_transis-client
Web applications / Modules and components for CMS

auth-client
Web applications / Modules and components for CMS

authenticated-client
Web applications / Modules and components for CMS

auto-validate
Web applications / Modules and components for CMS

active-model_serializers-cancan
Web applications / Modules and components for CMS

asset-link
Web applications / Modules and components for CMS

assets-offline
Web applications / Modules and components for CMS

3scale-client
Web applications / Modules and components for CMS

apigee-cli
Web applications / Modules and components for CMS

asterisk_ari-client
Web applications / Modules and components for CMS

capistrano_auth-subscriber
Web applications / Modules and components for CMS

apidone_client
Web applications / Modules and components for CMS

applidget_oauth2
Web applications / Modules and components for CMS

capistrano_rails-subdir
Web applications / Modules and components for CMS

apibanca_client
Web applications / Modules and components for CMS

a1409yo-health
Web applications / Modules and components for CMS

acmesmith_designate
Web applications / Modules and components for CMS

a1408nw-Ounennhei
Web applications / Modules and components for CMS

abbreviated-methods
Web applications / Modules and components for CMS

acmesmith_ns1
Web applications / Modules and components for CMS

aastra-xml_api
Web applications / Modules and components for CMS

a1447ll-hpbd
Web applications / Modules and components for CMS

act-as_enumerable
Web applications / Modules and components for CMS

acme_smileage
Web applications / Modules and components for CMS

a15z8my-name
Web applications / Modules and components for CMS

action-meta_tags
Web applications / Modules and components for CMS

act-as_time_as_boolean
Web applications / Modules and components for CMS

abstract-api_wrapper
Web applications / Modules and components for CMS

acme_pki
Web applications / Modules and components for CMS

acmesmith_verisign
Web applications / Modules and components for CMS

abiquo_api
Web applications / Modules and components for CMS

acmesmith_google-cloud-dns
Web applications / Modules and components for CMS

acmesmith_google-cloud-storage
Web applications / Modules and components for CMS

active-merchant-mollie
Web applications / Modules and components for CMS

rack_envinspector
Web applications / Modules and components for CMS

edmunds-vin
Web applications / Modules and components for CMS

deriving-license
Web applications / Modules and components for CMS

comic-vine
Web applications / Modules and components for CMS

act-as_nameable
Web applications / Modules and components for CMS

a15666011-konagayoshi
Web applications / Modules and components for CMS

rails_test-serving
Web applications / Modules and components for CMS

a1548sy-yamamoto
Web applications / Modules and components for CMS

seeing-is_believing
Web applications / Modules and components for CMS

a1539kh-calculator
Web applications / Modules and components for CMS

omniauth_marvin
Web applications / Modules and components for CMS

acme-base64-hexagrams
Web applications / Modules and components for CMS

twitter_vine
Web applications / Modules and components for CMS

aai10_mechanize
Web applications / Modules and components for CMS

1-as_identity_function
Web applications / Modules and components for CMS

em_synchrony-dataone-vin
Web applications / Modules and components for CMS

divining-rod
Web applications / Modules and components for CMS

moving-images
Web applications / Modules and components for CMS

a-stupid_test_gem
Web applications / Modules and components for CMS

jmcnevin-rghost-barcode
Web applications / Modules and components for CMS

a1426kt-prime-number
Web applications / Modules and components for CMS

3scale-time_range
Web applications / Modules and components for CMS

a1521hk-minitest_practice
Web applications / Modules and components for CMS

a1426kt-prime_number
Web applications / Modules and components for CMS

aastra-xml-api
Web applications / Modules and components for CMS

acme_heisenberg
Web applications / Modules and components for CMS

acme_bleach
Web applications / Modules and components for CMS

absa_notify-me
Web applications / Modules and components for CMS

vagrant_hvinfo
Web applications / Modules and components for CMS

moving-average
Web applications / Modules and components for CMS

action-parameter
Web applications / Modules and components for CMS

nhtsa-vin
Web applications / Modules and components for CMS

a-special_day
Web applications / Modules and components for CMS

movingsign-api
Web applications / Modules and components for CMS

a14z6ch-elapsed_days
Web applications / Modules and components for CMS

a-stupid-test_gem
Web applications / Modules and components for CMS

living-dead
Web applications / Modules and components for CMS

ab-panel
Web applications / Modules and components for CMS

kevins-propietary_brain
Web applications / Modules and components for CMS

acme_leeway
Web applications / Modules and components for CMS

indonesian-province
Web applications / Modules and components for CMS

gimme-vins
Web applications / Modules and components for CMS

hello-kelvinst
Web applications / Modules and components for CMS

galvinhsiu-active-cart
Web applications / Modules and components for CMS

aasm-ohm_persistence
Web applications / Modules and components for CMS

first-giving_api
Web applications / Modules and components for CMS

3scale-time-range
Web applications / Modules and components for CMS

kevin-thompson
Web applications / Modules and components for CMS

mars-rover_alvin
Web applications / Modules and components for CMS

devino-sms
Web applications / Modules and components for CMS

bitmovin_api
Web applications / Modules and components for CMS

moving-words
Web applications / Modules and components for CMS

actioncontroller-parameter-filter
Web applications / Modules and components for CMS

multi-movingsign
Web applications / Modules and components for CMS

abbish-sequel_plugins
Web applications / Modules and components for CMS

forgiving-nil
Web applications / Modules and components for CMS

37_pieces-of-flair
Web applications / Modules and components for CMS

3months-staff_schedule
Web applications / Modules and components for CMS

99designs_tasks
Web applications / Modules and components for CMS

a1510jy-bmi
Web applications / Modules and components for CMS

a1520mk-exercise4
Web applications / Modules and components for CMS

aasm-active-fedora
Web applications / Modules and components for CMS

a1501da-birthday
Web applications / Modules and components for CMS

aasm-history
Web applications / Modules and components for CMS

a1508ki-ika
Web applications / Modules and components for CMS

a15745105-ichinoki
Web applications / Modules and components for CMS

a1616ts-gem
Web applications / Modules and components for CMS

a1624-bmi
Web applications / Modules and components for CMS

a1535yt-gem
Web applications / Modules and components for CMS

a1447ll-mini_test
Web applications / Modules and components for CMS

a1630ty-a1630ty
Web applications / Modules and components for CMS

a1521hk-age
Web applications / Modules and components for CMS

a1632ma-ano
Web applications / Modules and components for CMS

a15745105-ichinokii
Web applications / Modules and components for CMS

a15z7kn-niitsuma_2016_gem
Web applications / Modules and components for CMS

a-special-day
Web applications / Modules and components for CMS

a1521hk-minitest-practice
Web applications / Modules and components for CMS

a14z6ch-elapsed-days
Web applications / Modules and components for CMS

a1439ty-bmiV3
Web applications / Modules and components for CMS

a1420ks-bmi
Web applications / Modules and components for CMS

a1412tk-bmi
Web applications / Modules and components for CMS

allocation-stats
Web applications / Modules and components for CMS

alerty-plugin-datadog-event
Web applications / Modules and components for CMS

1-as-identity_function
Web applications / Modules and components for CMS

alexa-plugin_generator
Web applications / Modules and components for CMS

a1437ky-bmi3
Web applications / Modules and components for CMS

fluent_plugin-stats
Web applications / Modules and components for CMS

a1330ks-bmi
Web applications / Modules and components for CMS

active-record_stats
Web applications / Modules and components for CMS

foot-stats
Web applications / Modules and components for CMS

a1447ll-test
Web applications / Modules and components for CMS

active-scaffold_batch_vho
Web applications / Modules and components for CMS

airbrake_statsd
Web applications / Modules and components for CMS

belong_plugin-rds-pgsql-log
Web applications / Modules and components for CMS

cocoapods_fixbugs-plugin
Web applications / Modules and components for CMS

a_test-gem
Web applications / Modules and components for CMS

autoproj_stats
Web applications / Modules and components for CMS

arproxy-plugin-mysql-casual_log
Web applications / Modules and components for CMS

gamer-stats
Web applications / Modules and components for CMS

bunto-test_plugin
Web applications / Modules and components for CMS

chef_handler-statsd
Web applications / Modules and components for CMS

codestats_metrics-reporter
Web applications / Modules and components for CMS

atlassian-plugin_installer
Web applications / Modules and components for CMS

apptuit_fluent-plugin
Web applications / Modules and components for CMS

admiral-stats_parser
Web applications / Modules and components for CMS

education-stats
Web applications / Modules and components for CMS

bunto-test_plugin_malicious
Web applications / Modules and components for CMS

em_statsd-ruby
Web applications / Modules and components for CMS

emque_stats
Web applications / Modules and components for CMS

fluent_plugin-datadog-statsd
Web applications / Modules and components for CMS

commonmarker_pluggable
Web applications / Modules and components for CMS

halo-stats
Web applications / Modules and components for CMS

active-redis_stats
Web applications / Modules and components for CMS

blade-sauce-labs_plugin
Web applications / Modules and components for CMS

github_org-stats
Web applications / Modules and components for CMS

fluent_plugin-statsd
Web applications / Modules and components for CMS

fluent_plugin-statsd-event
Web applications / Modules and components for CMS

cap_drupal-multisite
Web applications / Modules and components for CMS

arctica_autorization-rails-plugin
Web applications / Modules and components for CMS

gitstats_rb
Web applications / Modules and components for CMS

dradis_nmap
Web applications / Modules and components for CMS

get-stats
Web applications / Modules and components for CMS

fluent_plugin-statsd-output
Web applications / Modules and components for CMS

fluent_plugin-stats-notifier
Web applications / Modules and components for CMS

github_release-stats
Web applications / Modules and components for CMS

fluent-plugin-haproxy-stats
Web applications / Modules and components for CMS

gitstats_ruby
Web applications / Modules and components for CMS

wordify-stuckiest
Web applications / Modules and components for CMS

fluent_plugin-dogstatsd
Web applications / Modules and components for CMS

jenkins-statsd
Web applications / Modules and components for CMS

alerty-plugin-amazon-sns
Web applications / Modules and components for CMS

em_statsd
Web applications / Modules and components for CMS

alerty_plugin-ikachan
Web applications / Modules and components for CMS

alerty_plugin-mail
Web applications / Modules and components for CMS

alerty_plugin-slack
Web applications / Modules and components for CMS

danger_apkstats
Web applications / Modules and components for CMS

contributors-stats
Web applications / Modules and components for CMS

active-model-password
Web applications / Modules and components for CMS

activeadmin-jfu_upload
Web applications / Modules and components for CMS

acts-as_explorable
Web applications / Modules and components for CMS

claide_plugins
Web applications / Modules and components for CMS

alephant_logger-statsd
Web applications / Modules and components for CMS

angular_file-upload-rails
Web applications / Modules and components for CMS

a1436mm-age
Web applications / Modules and components for CMS

batali_infuse
Web applications / Modules and components for CMS

bosh_plugin-pipeline
Web applications / Modules and components for CMS

bosh-cli_plugin_consul
Web applications / Modules and components for CMS

capistrano_stats
Web applications / Modules and components for CMS

bosh-lastpass_plugin
Web applications / Modules and components for CMS

active-model-better_errors
Web applications / Modules and components for CMS

bosh-cli_plugin_redis
Web applications / Modules and components for CMS

acts-as_better_tree
Web applications / Modules and components for CMS

artisan_plugin
Web applications / Modules and components for CMS

arethusa-plugin_generator
Web applications / Modules and components for CMS

spider_src
Web applications / Modules and components for CMS

alphabetical-paginate
Web applications / Modules and components for CMS

http-statsd
Web applications / Modules and components for CMS

alphabetical-paginate_uk
Web applications / Modules and components for CMS

bankgiro-inbetalningar
Web applications / Modules and components for CMS

beta_pod
Web applications / Modules and components for CMS

fluent_plugin-statsite
Web applications / Modules and components for CMS

spider_gazelle
Web applications / Modules and components for CMS

fluent_plugin-dogstatsd-mediba
Web applications / Modules and components for CMS

omniauth_mixer
Web applications / Modules and components for CMS

spider-html
Web applications / Modules and components for CMS

font_stack
Web applications / Modules and components for CMS

apress_api
Web applications / Modules and components for CMS

apress_documentation
Web applications / Modules and components for CMS

apress_moysklad
Web applications / Modules and components for CMS

ascii-press
Web applications / Modules and components for CMS

batsd_dash
Web applications / Modules and components for CMS

batch-translations
Web applications / Modules and components for CMS

batch-it
Web applications / Modules and components for CMS

commission-junction_stats
Web applications / Modules and components for CMS

active-model-password_reset
Web applications / Modules and components for CMS

batch_rails2
Web applications / Modules and components for CMS

cache-stats
Web applications / Modules and components for CMS

basic_stats
Web applications / Modules and components for CMS

aem_deploy
Web applications / Modules and components for CMS

batali_wedge
Web applications / Modules and components for CMS

airbrake-stats
Web applications / Modules and components for CMS

batali_tk
Web applications / Modules and components for CMS

3months-staff-schedule
Web applications / Modules and components for CMS

autoexec-bat
Web applications / Modules and components for CMS

api-batch
Web applications / Modules and components for CMS

ba-upload
Web applications / Modules and components for CMS

activerecord-pluck-in_batches
Web applications / Modules and components for CMS

admob-site_stats
Web applications / Modules and components for CMS

activerecord-suppress-range_error
Web applications / Modules and components for CMS

font_awesome-sass-c
Web applications / Modules and components for CMS

font_awesome-sass-mixins
Web applications / Modules and components for CMS

font_awesome-sassc
Web applications / Modules and components for CMS

font_fabulous
Web applications / Modules and components for CMS

font_awesome-sass
Web applications / Modules and components for CMS

font-assets
Web applications / Modules and components for CMS

benchmark_plot
Web applications / Modules and components for CMS

bbs-uploader
Web applications / Modules and components for CMS

aws_s3-deploy
Web applications / Modules and components for CMS

aws_codedeploy-agent
Web applications / Modules and components for CMS

auto_deploy-test
Web applications / Modules and components for CMS

api-deploy
Web applications / Modules and components for CMS

amoeba-deploy_tools
Web applications / Modules and components for CMS

batch_rails
Web applications / Modules and components for CMS

active-explorer
Web applications / Modules and components for CMS

batch-insert
Web applications / Modules and components for CMS

catarse-paypal_express
Web applications / Modules and components for CMS

cafepress-api
Web applications / Modules and components for CMS

bunto_press
Web applications / Modules and components for CMS

activerecord_postgresql-expression
Web applications / Modules and components for CMS

active-press
Web applications / Modules and components for CMS

resque-stuck_queue
Web applications / Modules and components for CMS

drupal-fu
Web applications / Modules and components for CMS

capistrano3_drupal
Web applications / Modules and components for CMS

git-team_stats
Web applications / Modules and components for CMS

commandsy_plugin
Web applications / Modules and components for CMS

cocoapods_icemobile-plugin
Web applications / Modules and components for CMS

alphabet_rocker
Web applications / Modules and components for CMS

bosh_plugin-generator
Web applications / Modules and components for CMS

brightbox_boxgrinder-plugins
Web applications / Modules and components for CMS

audio-mixer-sox
Web applications / Modules and components for CMS

batman_rails
Web applications / Modules and components for CMS

font_league
Web applications / Modules and components for CMS

alphabetic-paginate
Web applications / Modules and components for CMS

spider_node
Web applications / Modules and components for CMS

archive-uploader
Web applications / Modules and components for CMS

applogger_ruby
Web applications / Modules and components for CMS

selenium-spider
Web applications / Modules and components for CMS

ar_find-in-batches-with-order
Web applications / Modules and components for CMS

batch-actions
Web applications / Modules and components for CMS

administrate_field-password
Web applications / Modules and components for CMS

acts-as_keywordable
Web applications / Modules and components for CMS

arb-spider
Web applications / Modules and components for CMS

apress_changelogger
Web applications / Modules and components for CMS

royal-mail_scraper
Web applications / Modules and components for CMS

stuck-it_up
Web applications / Modules and components for CMS

spider-monkey
Web applications / Modules and components for CMS

backstop_deploys
Web applications / Modules and components for CMS

royal-mail_api
Web applications / Modules and components for CMS

battle_on
Web applications / Modules and components for CMS

battery-growl
Web applications / Modules and components for CMS

battering-ram
Web applications / Modules and components for CMS

beta-tools
Web applications / Modules and components for CMS

spider-bot
Web applications / Modules and components for CMS

awesome-print_carrier_wave_uploader
Web applications / Modules and components for CMS

dradis_ntospider
Web applications / Modules and components for CMS

beta-invites
Web applications / Modules and components for CMS

adwords-scraper
Web applications / Modules and components for CMS

bedrock_capistrano-uploads
Web applications / Modules and components for CMS

active-record_samplooper
Web applications / Modules and components for CMS

app_deployer
Web applications / Modules and components for CMS

lines-mixer
Web applications / Modules and components for CMS

aws-upload
Web applications / Modules and components for CMS

language-mixer
Web applications / Modules and components for CMS

font_roboto-rails
Web applications / Modules and components for CMS

aws-blue_green_deploy
Web applications / Modules and components for CMS

batched-query
Web applications / Modules and components for CMS

speed-spider
Web applications / Modules and components for CMS

asset-uploader
Web applications / Modules and components for CMS

movie-spider
Web applications / Modules and components for CMS

murmuring-spider
Web applications / Modules and components for CMS

batch-audio_convert
Web applications / Modules and components for CMS

secondhand_spider
Web applications / Modules and components for CMS

acpc-poker_player_proxy
Web applications / Modules and components for CMS

acpc-poker_types
Web applications / Modules and components for CMS

acpc-poker_match_state
Web applications / Modules and components for CMS

acpc-poker_basic_proxy
Web applications / Modules and components for CMS

active-admin-advanced_create_another
Web applications / Modules and components for CMS

active-admin_theme
Web applications / Modules and components for CMS

about-pos
Web applications / Modules and components for CMS

abstract-importer
Web applications / Modules and components for CMS

acceptance-tests_support
Web applications / Modules and components for CMS

act-blue_reporter
Web applications / Modules and components for CMS

action-component
Web applications / Modules and components for CMS

acpc-poker-player_proxy
Web applications / Modules and components for CMS

active-admin_import
Web applications / Modules and components for CMS

accessible-tooltip
Web applications / Modules and components for CMS

cards-lib
Web applications / Modules and components for CMS

acquia-toolbelt
Web applications / Modules and components for CMS

game-shuffle_cards
Web applications / Modules and components for CMS

act-as_importable
Web applications / Modules and components for CMS

active-model-policy
Web applications / Modules and components for CMS

acpc-poker-types
Web applications / Modules and components for CMS

ackintosh-net-empty-port
Web applications / Modules and components for CMS

acts-as_crafter
Web applications / Modules and components for CMS

lang-cards
Web applications / Modules and components for CMS

acpc-poker-basic_proxy
Web applications / Modules and components for CMS

active-tools
Web applications / Modules and components for CMS

acpc-poker-match_state
Web applications / Modules and components for CMS

workarea-gift-cards
Web applications / Modules and components for CMS

access-policy-rails
Web applications / Modules and components for CMS

twitter-cards
Web applications / Modules and components for CMS

damn_weather
Web applications / Modules and components for CMS

cinch_weatherman
Web applications / Modules and components for CMS

dark-sky_weather
Web applications / Modules and components for CMS

hack-cards
Web applications / Modules and components for CMS

barometer-weather-bug
Web applications / Modules and components for CMS

activerecord_db-tools
Web applications / Modules and components for CMS

ruby-playing_cards
Web applications / Modules and components for CMS

enpit-weather
Web applications / Modules and components for CMS

playing-cards
Web applications / Modules and components for CMS

airservice-build_tools
Web applications / Modules and components for CMS

ellen_weather
Web applications / Modules and components for CMS

rubylove-playing-cards
Web applications / Modules and components for CMS

current-weather
Web applications / Modules and components for CMS

fortnite-api
Web applications / Modules and components for CMS

rspec-candy
Web applications / Modules and components for CMS

candy_-sql
Web applications / Modules and components for CMS

candy-check
Web applications / Modules and components for CMS

referral-candy
Web applications / Modules and components for CMS

cinch_logsearch
Web applications / Modules and components for CMS

capistrano_telegram-notification
Web applications / Modules and components for CMS

chef-partial-search
Web applications / Modules and components for CMS

capistrano_telegram
Web applications / Modules and components for CMS

bin-search
Web applications / Modules and components for CMS

blinkman-twitter-search
Web applications / Modules and components for CMS

capistrano-telegram-notification
Web applications / Modules and components for CMS

barely-searchable
Web applications / Modules and components for CMS

jaconda-telegram
Web applications / Modules and components for CMS

binary-search_tree
Web applications / Modules and components for CMS

beerdb-api
Web applications / Modules and components for CMS

cloud-search
Web applications / Modules and components for CMS

biblesearch_api
Web applications / Modules and components for CMS

blacklight-advanced_search
Web applications / Modules and components for CMS

binary-search_frequency
Web applications / Modules and components for CMS

aws_elasticsearch
Web applications / Modules and components for CMS

beer-bash
Web applications / Modules and components for CMS

telegram-meetup_bot
Web applications / Modules and components for CMS

lita_onewheel-beer-apex
Web applications / Modules and components for CMS

bisearch-enzim_hu
Web applications / Modules and components for CMS

lita_onewheel-beer-baileys
Web applications / Modules and components for CMS

telegram_bot-types
Web applications / Modules and components for CMS

telegram-bot_ruby
Web applications / Modules and components for CMS

lita_onewheel-beer-base
Web applications / Modules and components for CMS

administrate-field-belongs-to_search
Web applications / Modules and components for CMS

telegram-bot_middleware
Web applications / Modules and components for CMS

lita_onewheel-beer-craftpourhouse
Web applications / Modules and components for CMS

lita_onewheel-beer-loyal-legion
Web applications / Modules and components for CMS

lita_onewheel-beer-tin-bucket
Web applications / Modules and components for CMS

activeadmin-searchable-select
Web applications / Modules and components for CMS

lita_onewheel-beer-wework
Web applications / Modules and components for CMS

lita_telegram
Web applications / Modules and components for CMS

telegram-bot_api
Web applications / Modules and components for CMS

ruboty_telegram
Web applications / Modules and components for CMS

telegram_bot-ruby
Web applications / Modules and components for CMS

aliyun-open-search
Web applications / Modules and components for CMS

lita_telegram-plus
Web applications / Modules and components for CMS

city-search
Web applications / Modules and components for CMS

chef_cloudsearch
Web applications / Modules and components for CMS

aws-cloud_search
Web applications / Modules and components for CMS

active-search
Web applications / Modules and components for CMS

amazon_search
Web applications / Modules and components for CMS

alchemy-pg-search
Web applications / Modules and components for CMS

arel-search
Web applications / Modules and components for CMS

lita_onewheel-beer-abvpub
Web applications / Modules and components for CMS

apple-store_search
Web applications / Modules and components for CMS

dog-biscuits
Web applications / Modules and components for CMS

attr-searchable
Web applications / Modules and components for CMS

lita_onewheel-beer-btu
Web applications / Modules and components for CMS

datadog_notifications
Web applications / Modules and components for CMS

lita_onewheel-beer-growlers
Web applications / Modules and components for CMS

cat_dog
Web applications / Modules and components for CMS

lita_onewheel-beer-pints
Web applications / Modules and components for CMS

acts-as_fuzzy_search
Web applications / Modules and components for CMS

lita_onewheel-beer-upperlip
Web applications / Modules and components for CMS

alerty_plugin-datadog-event
Web applications / Modules and components for CMS

airbrake_api
Web applications / Modules and components for CMS

dragonfly_cloudinary-datastore
Web applications / Modules and components for CMS

dragonfly_activerecord
Web applications / Modules and components for CMS

rate-beer
Web applications / Modules and components for CMS

dragonfly_cloudinary
Web applications / Modules and components for CMS

lita_onewheel-beer-wayfinder
Web applications / Modules and components for CMS

first-gem_rakesh
Web applications / Modules and components for CMS

ad-search
Web applications / Modules and components for CMS

fig-rake
Web applications / Modules and components for CMS

crl-watchdog
Web applications / Modules and components for CMS

datadog_cli
Web applications / Modules and components for CMS

adapter_elasticsearch
Web applications / Modules and components for CMS

datadog-apm
Web applications / Modules and components for CMS

airbrake-notifying_threads
Web applications / Modules and components for CMS

beer-in_the_evening
Web applications / Modules and components for CMS

dogapi_demo
Web applications / Modules and components for CMS

cordova_rake
Web applications / Modules and components for CMS

blinkist_airbrake-scrubber
Web applications / Modules and components for CMS

bard_rake
Web applications / Modules and components for CMS

airbrake-user_attributes_rails5
Web applications / Modules and components for CMS

fluent_plugin-airbrake-logger
Web applications / Modules and components for CMS

airbrake-proxy
Web applications / Modules and components for CMS

fluent_plugin-airbrake-python
Web applications / Modules and components for CMS

datadog-proxy
Web applications / Modules and components for CMS

airbrake-user_attributes
Web applications / Modules and components for CMS

telegram-notifications
Web applications / Modules and components for CMS

doge-linguist
Web applications / Modules and components for CMS

doge-helper
Web applications / Modules and components for CMS

bulldoggy_filesystem
Web applications / Modules and components for CMS

chef_handler-datadog-demo
Web applications / Modules and components for CMS

capistrano_airbrake
Web applications / Modules and components for CMS

capistrano_rake
Web applications / Modules and components for CMS

capistrano_runit-rake
Web applications / Modules and components for CMS

dradis_brakeman
Web applications / Modules and components for CMS

delayed_plugins-airbrake
Web applications / Modules and components for CMS

doge_chef-formatter
Web applications / Modules and components for CMS

cucumber-rake_runner
Web applications / Modules and components for CMS

danger_brakeman
Web applications / Modules and components for CMS

doge-woof
Web applications / Modules and components for CMS

dot-rake_tasks_in_rails
Web applications / Modules and components for CMS

execute-with_rescue_with_airbrake
Web applications / Modules and components for CMS

airbrake_graylog2
Web applications / Modules and components for CMS

ceedling_autorake
Web applications / Modules and components for CMS

dt_rake
Web applications / Modules and components for CMS

brakeman-translate_checkstyle_format
Web applications / Modules and components for CMS

chalk_rake
Web applications / Modules and components for CMS

branch-raker
Web applications / Modules and components for CMS

Vendor RubyGems fake vendor

Security Advisory

This security advisory describes one critical risk vulnerability.

1) Embedded malicious code (backdoor)

Risk: Critical

CVSSv3: 8.8 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:H/RL:U/RC:C] [PCI]

CVE-ID: N/A

CWE-ID: CWE-506 - Embedded Malicious Code

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain unauthorized access to the application.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor) that allows a remote attacker to gain unauthorized access to the application.

Mitigation

Remove the affected package from the system.

Vulnerable software versions

atlas-client: 0.0.2, 0.3.8, 0.3.9, 0.3.10, 0.3.12, 0.3.13

appium-lib: 10.5.0

action-mailer_cache_delivery: 0.3.7

activemodel_validators: 0.1.0, 3.0.0

asciidoctor_bibliography: 0.10.3

assets-pipeline: 0.0.1, 0.0.3

apress_validators: 0.1.0

ar_octopus-replication-tracking: 0.1.5

aliyun-open_search: 0.6.0

aliyun-mns: 0.1.11

ab_split: 1.0.2

apns-polite: 0.9.1

alephant_publisher: 0.6.10

alephant_publisher-queue: 2.6.0

alephant_publisher-request: 0.3.0

abbyy_ruby: 0.2.2

accredible_api-ruby: 0.1.50

accredible_ruby: 0.1.9

adequate-serializer: 0.3.1

algolia-places: 0.1.2

ali-dayu: 0.1.2

alias-helper: 0.1.2

alidns_ruby: 0.1.0

access-lint: 0.1.3

aligned-table: 0.1.0

alipay-dualfun: 0.4

accesslint_ci: 0.3.6

ach-client: 1.0.3

acme_cli: 0.6.1

ardm_validations: 1.2.0

alipay-escrow: 0.1.3

action-links: 0.4.1

banner-jobsub: 0.1.2

actionmailer-inline_css: 1.6.0

actionview-link-to_blank: 1.0.4

actionview-link-to_block: 1.0.2

adapter_sqlite3: 0.1.0

active_profiling: 0.1.1

active-subset-validator: 1.0.0

active-admin-duplicatable: 0.4.0

aliyun_odps: 0.4.2

aliyun_push: 0.1.0

aliyun_sdk-core: 0.1.5

active-comparison_validator: 0.1.3

active-delivery: 0.3.0

active-hash-like: 0.1.0

active-link_to: 1.0.5

active-merchant_mollie: 0.1.1

aliyun-live: 0.1.1

backbone_subroute-rails: 0.4.6

agnostic_duplicate: 1.0.1

active-model_serializers-hash_wrapper: 0.1.0

active-model_serializers-jsonapi_embedded_records_deserializer: 0.1.1

acts-as_splittable: 0.1.0

active-model_serializers_binary: 0.2.1

active-model_serializers_cancancan: 0.5.0

allscripts-unity_client: 4.0.1

acts-as_publishable: 0.3.3

active-model_serializers_validator: 1.2

amplitude_api: 0.1.1

active-model_validates_intersection_of: 1.2.0

active-model_validators_ex: 1.0.0

active-public_resources: 0.2.7

active-publisher: 1.2.0

active-record_fix_integer_limit: 0.1.7

active-record_inline_schema: 0.6.1

active-record_lite: 0.3.0

active-record_serialize_json: 0.1.4

android_command-line-tools: 0.1.0

active-replicas: 0.5.1

android-lint_translate_checkstyle_format: 0.2.0

active-scaffold_config_list_vho: 3.1.2

active-serializer: 0.1.1

active-support_alias_class_method: 1.2.0

acts-as_list_with_sti_support: 1.0.3

acts-as_liked: 0.1.0

acts-as_likeable: 0.1.0

activeadmin_mongoid-localize: 1.0.1

activeadmin-globalize_inputs: 1.0.0

apache-sling_api_client: 0.1.0

auto-localize: 0.1

auto-flick: 0.1.2

auto-click: 0.5.9

api-client_builder: 1.2.0

activemerchant_clickandbuy: 0.2.0

activemerchant_payline: 0.1.9

api-geo_client: 1.0.0

activerecord-json_validator: 1.3.0

aker-cas-cli: 1.0.0

attr-validator: 0.2.3

age-validator: 0.1.0

activerecord-globalize: 1.0.0

agave_client: 0.1.3

apple_news-client: 0.5.4

apple-class_client: 1.0.0

apple-dep_client: 2.2.2

application-digester: 0.1.6

ae-validates-timeliness: 4.0.0

application-insights: 0.5.6

application-seeds: 0.9.1

active-subset_validator: 1.0.0

aptible_cli: 0.16.3

asset-pipeline_i18n: 4.0.1.2

aptly-cli: 0.5.0

adyen_ruby-api-library: 4.0.2

asset-host_client: 1.2.1

advisors-command_client: 2.2.0

activerecord-database-validations: 1.0.3

activerecord_databasevalidations: 0.5.0

ar_serialize-helpers: 1.2.1

activerecord_duplicate: 0.6.1

aspose-slides_cloud: 19.12.0

asciidoctor_pdf-linewrap-ja: 0.6.0

address-validate: 0.1.1

arabic-normalizer: 0.1.1

archivist_client: 0.2.4

array-xml-serialization: 0.1.0

argentinian_validations: 0.1.0

ardm_serializer: 1.2.2

acme_client: 2.0.5

activerecord_denormalize: 0.2.0

arethusa_cli: 0.1.16

ardm_sqlite-adapter: 1.2.0

arethusa_client: 0.1.17

artoo_crazyflie: 0.5.0

action-cable_subscription_adapter: 0.2.2

action-pubsub: 0.2.1

action-subscriber: 5.1.5

acts-as_subscribable: 0.1.0

after-the_deadline: 0.1.3

ajax-submit_rails: 0.1.0

assembly_client: 0.9.0

assemblyline_ruby: 0.1.6

array_subindex: 1.3.1

asset-symlink: 0.3.1

aws-sns_subscription: 1.0.4

approval_ratings-cli-app: 0.1.0

campaign-monitor_subscriber: 1.0.4

activerecord_like: 2.2

applicious-utils: 0.1.95

assets-live_compile: 0.2.1

activerecord-msgpack-serializer: 0.1.1

abbyy_cloud: 0.0.10

abn-validator: 0.1.0

alias-class: 0.1.0

applicaster_logger: 0.8.4

applicant-tracking_api: 1.0.0

acception_client: 1.2.0

aliyun_mqs: 0.1.1

active_model-email-validator: 1.0.2

active-admin_filters_visibility: 1.2.0

active-application: 0.3.1

active-model_serializer_plus: 1.1.0

activerecord-rescue-from_duplicate: 0.1.3

active-model_serializers-matchers: 0.1.1

address-validator: 0.1.1

attribute-normalizer-extras: 0.1.0

audiobank_client: 0.6

allq-client: 1.1.1

active-model_serializers_matchers: 0.2.1

amazon_kinesis-client-ruby: 1.0.1

activerecord-strict_validations: 0.3.1

acts-as_commentable_with_replies: 0.1.0

acts-as_journalized: 3.3.0

amplifypay-ruby: 1.0.11

active-model_type_validator: 1.0.0

auto-scaling_methods: 0.1.0

apache-felix_webconsole_client: 0.1.1

apache-felix_api_client: 0.1.1

active-replica: 0.2.0

active-validator: 1.0.4

active-rest_client: 1.2.0

active-validation: 5.1.0

ansible-tower_client: 0.21.0

angular-form_validation: 0.1.8

angular_turbolinks: 0.1.0

android-string_resources_validator: 0.1.0

access-policy: 0.0.7

any_validate: 0.0.4

acts-as_multilingual: 0.0.1

ActiveAdmin_Globalize3-inputs: 0.0.1

authenticator_client: 0.0.4

activemerchant-banklink: 0.0.6

apiotics-aws_client: 1.0.1

ama-validators: 0.0.13

active-model_serializers_pg: 0.0.6

apiotics-aws_iot_client: 1.0.1

apitool_client: 2.0.0

acts-as_read_only_i18n_localised: 0.0.3

activerecord-safe-initialize: 0.2.0

aliyun-ruby_api: 0.0.3

appfigures-client: 0.0.2

active-model_policy: 0.0.1

active-model-permalink: 0.0.1

aliyun_slb: 0.0.1

appium-doc_lint: 0.0.11

aliyun_rds: 0.0.1

active-admin_globalize3_locale_selector: 0.0.1

activemodel-behavior-validator: 0.0.3

at_validations: 0.1.1

astroboa_cli: 0.5.0

aliyun_mq-sdk: 0.1.2

alive-state: 1.1.0

aliseeks-api: 1.0.4

alipay-global: 0.0.6

act-as_serializable: 0.0.1

access-policy_rails: 0.0.2

acts-as_localized: 0.0.3

accepts-nested_serialized_attributes: 0.0.2

alidayu-api: 0.0.2

alias-to_method: 0.0.1

alias-scope: 0.0.1

alias-metrics: 0.1.2

activemodel-email-address_validator: 2.0.0

application-config: 0.0.2

ali-mns: 0.0.5

association-validator: 0.6.1

ability-list: 0.0.4

activemodel-immutable-validator: 0.0.2

capistrano-scm-git-with_submodule_and_resolv_symlinks: 0.3.1

capistrano_copy-subdir: 0.1.0

adb_sdklib: 0.0.3

alacrity-client: 0.0.1

activerecord_jdbcsplice-adapter: 0.1.4

assets_publisher-for-hanami: 2.0.0

agile_cli: 0.0.19

activemodel-ipaddr-validator: 0.0.2

activerecord_implicit-order: 0.1.0

activerecord-forbid-implicit_connection_checkout: 1.0.0

ar-lightning: 0.0.1

assembla-cli: 0.0.2

asana_cli: 0.0.2

archive-lister: 0.0.1

adn_cli: 0.0.6

administrate_field-paperclip: 0.0.5

administrate_field-mobility: 0.0.1

acception_subscriber: 1.1.0

activemodel-base64-validator: 0.0.1

addy-caddy_client: 0.0.1

adtech_api-client: 0.0.4

addons_client: 0.0.10

alcatraz_client: 0.0.6

aliyun_mts: 0.0.0

aliyun-sls: 0.0.7

aliyun-sls_sdk: 0.0.9

also-validates: 0.0.2

acts-as_publicable: 0.0.4

android_publisher: 0.0.14

angel-list: 0.0.8

answers_ruby-client: 0.0.1

anything_slider: 0.0.1

anything-slider_rails: 0.0.2

active-pubsub: 0.0.9

capistrano_scm-gitsubmodules: 1.0.0

ability-engine: 0.0.2

apn-client: 0.0.4

apocalypse_client: 0.0.5

activerecord-serialize-coders: 0.0.1

apod_cli: 0.0.4

app_cli: 0.0.1

activerecord_publishable: 0.0.1

application-module: 0.0.2

activerecord_locking-symbolic: 0.0.1

ace_client-ext: 0.0.11

applied-css: 0.0.5

ar-database_duplicator: 0.0.2

ar-json_serialize: 0.0.3

ar-publish_control: 0.0.9

area-code_validator: 0.0.6

assemblyline_cli: 0.0.21

assemblyline_formatter: 0.0.1

active-model_version_serializers: 0.0.5

activemodel-url-validator: 0.0.4

asset-pipeline: 0.2.0

actionmailer-localized-preview: 0.0.2

active-model-attributes_validation: 0.0.1

activemodel-can-validator: 0.0.2

at-least_one_existence_validator: 0.0.3

atacama-client: 0.0.4

auth_transis-client: 0.0.5

auth-client: 0.0.3

authenticated-client: 0.0.3

auto-validate: 0.0.4

active-model_serializers-cancan: 0.0.2

asset-link: 0.0.2

assets-offline: 0.0.5

3scale-client: 2.11.0

apigee-cli: 0.0.3

asterisk_ari-client: 0.0.8

capistrano_auth-subscriber: 0.0.1

apidone_client: 0.0.3

applidget_oauth2: 0.0.3

capistrano_rails-subdir: 0.0.0

apibanca_client: 0.0.8

a1409yo-health: 0.0.2

acmesmith_designate: 0.1.1

a1408nw-Ounennhei: 2.1.3

abbreviated-methods: 0.1.0

acmesmith_ns1: 0.1.0

aastra-xml_api: 1.1.4

a1447ll-hpbd: 1.0.1

act-as_enumerable: 0.1.3

acme_smileage: 4.0.1

a15z8my-name: 0.1.0

action-meta_tags: 0.2

act-as_time_as_boolean: 1.0.1

abstract-api_wrapper: 1.3.2

acme_pki: 0.2.1

acmesmith_verisign: 0.1.3

abiquo_api: 0.1.3

acmesmith_google-cloud-dns: 0.2.0

acmesmith_google-cloud-storage: 0.1.3

active-merchant-mollie: 0.1.1

rack_envinspector: 0.1

edmunds-vin: 0.1.1

deriving-license: 0.3.1

comic-vine: 0.1.5

act-as_nameable: 0.0.3

a15666011-konagayoshi: 0.1.0

rails_test-serving: 0.1.4.2

a1548sy-yamamoto: 0.1.0

seeing-is_believing: 3.6.1

a1539kh-calculator: 0.1.9

omniauth_marvin: 1.1.0

acme-base64-hexagrams: 0.0.1

twitter_vine: 0.1.9

aai10_mechanize: 2.0.1.0

1-as_identity_function: 1.0.1

em_synchrony-dataone-vin: 0.1.0

divining-rod: 0.6.4

moving-images: 1.0.1

a-stupid_test_gem: 0.0.2

jmcnevin-rghost-barcode: 0.8.8

a1426kt-prime-number: 0.0.7

3scale-time_range: 0.3.0

a1521hk-minitest_practice: 0.1.0

a1426kt-prime_number: 0.0.7

aastra-xml-api: 1.1.4

acme_heisenberg: 0.0.1

acme_bleach: 0.0.4

absa_notify-me: 0.0.7

vagrant_hvinfo: 0.1.3

moving-average: 0.1.1

action-parameter: 0.0.3

nhtsa-vin: 0.0.8

a-special_day: 0.0.2

movingsign-api: 0.0.2

a14z6ch-elapsed_days: 0.0.5

a-stupid-test_gem: 0.0.2

living-dead: 0.0.1

ab-panel: 0.4.3

kevins-propietary_brain: 0.0.1

acme_leeway: 0.0.1

indonesian-province: 0.0.2

gimme-vins: 0.0.3

hello-kelvinst: 0.0.1

galvinhsiu-active-cart: 0.0.20

aasm-ohm_persistence: 0.0.1

first-giving_api: 0.0.1

3scale-time-range: 0.3.0

kevin-thompson: 0.0.1

mars-rover_alvin: 0.0.1

devino-sms: 0.0.2

bitmovin_api: 0.0.4

moving-words: 0.0.3

actioncontroller-parameter-filter: 0.0.2

multi-movingsign: 0.0.1

abbish-sequel_plugins: 0.0.6

forgiving-nil: 0.0.2

37_pieces-of-flair: 0.0.1

3months-staff_schedule: 0.0.3

99designs_tasks: 0.0.7

a1510jy-bmi: 0.1.0

a1520mk-exercise4: 0.1.5

aasm-active-fedora: 0.1.2

a1501da-birthday: 0.1.0

aasm-history: 0.1.3

a1508ki-ika: 0.1.0

a15745105-ichinoki: 0.4.4

a1616ts-gem: 0.1.0

a1624-bmi: 0.1.0

a1535yt-gem: 0.1.0

a1447ll-mini_test: 0.1.0

a1630ty-a1630ty: 0.2.0

a1521hk-age: 0.1.1

a1632ma-ano: 0.1.0

a15745105-ichinokii: 0.1.7

a15z7kn-niitsuma_2016_gem: 0.1.0

a-special-day: 0.0.2

a1521hk-minitest-practice: 0.1.0

a14z6ch-elapsed-days: 0.0.5

a1439ty-bmiV3: 0.0.3

a1420ks-bmi: 0.1.1

a1412tk-bmi: 0.0.3

allocation-stats: 0.1.5

alerty-plugin-datadog-event: 0.1.4

1-as-identity_function: 1.0.1

alexa-plugin_generator: 0.2.0

a1437ky-bmi3: 0.0.1

fluent_plugin-stats: 0.4.0

a1330ks-bmi: 0.0.1

active-record_stats: 0.1.5

foot-stats: 0.1.0

a1447ll-test: 0.0.1

active-scaffold_batch_vho: 3.1.7

airbrake_statsd: 0.2.1

belong_plugin-rds-pgsql-log: 0.3.2

cocoapods_fixbugs-plugin: 0.1.0

a_test-gem: 0.0.19

autoproj_stats: 0.1.0

arproxy-plugin-mysql-casual_log: 0.1.0

gamer-stats: 0.2.5

bunto-test_plugin: 1.0.0

chef_handler-statsd: 1.0.1

codestats_metrics-reporter: 0.1.13

atlassian-plugin_installer: 0.1.3

apptuit_fluent-plugin: 0.1.3

admiral-stats_parser: 1.17.1

education-stats: 1.0.0

bunto-test_plugin_malicious: 1.0.0

em_statsd-ruby: 1.0.3

emque_stats: 1.1.0

fluent_plugin-datadog-statsd: 0.0.4

commonmarker_pluggable: 0.3.0

halo-stats: 1.0.3

active-redis_stats: 0.1.3

blade-sauce-labs_plugin: 0.7.3

github_org-stats: 0.1.0

fluent_plugin-statsd: 1.0.3

fluent_plugin-statsd-event: 0.1.1

cap_drupal-multisite: 0.3.2

arctica_autorization-rails-plugin: 0.1

gitstats_rb: 2.0.0

dradis_nmap: 3.15.0

get-stats: 0.3

fluent_plugin-statsd-output: 1.4.2

fluent_plugin-stats-notifier: 0.0.5

github_release-stats: 0.0.2

fluent-plugin-haproxy-stats: 0.1.1

gitstats_ruby: 1.0.1

wordify-stuckiest: 1.1.0

fluent_plugin-dogstatsd: 0.0.6

jenkins-statsd: 0.3.1

alerty-plugin-amazon-sns: 0.0.6

em_statsd: 1.0.0

alerty_plugin-ikachan: 0.0.1

alerty_plugin-mail: 0.0.2

alerty_plugin-slack: 0.0.1

danger_apkstats: 0.2.0

contributors-stats: 1.0.0

active-model-password: 1.0.3

activeadmin-jfu_upload: 0.1.8

acts-as_explorable: 0.1.1

claide_plugins: 0.9.2

alephant_logger-statsd: 0.0.4

angular_file-upload-rails: 1.6.1.2

a1436mm-age: 0.0.3

batali_infuse: 0.2.2

bosh_plugin-pipeline: 0.2.1

bosh-cli_plugin_consul: 0.1.0

capistrano_stats: 1.1.1

bosh-lastpass_plugin: 0.0.4

active-model-better_errors: 1.6.7

bosh-cli_plugin_redis: 0.2.3

acts-as_better_tree: 1.0.0

artisan_plugin: 0.0.2

arethusa-plugin_generator: 0.0.1

spider_src: 0.1.7

alphabetical-paginate: 2.3.4

http-statsd: 0.0.2

alphabetical-paginate_uk: 1.0.1

bankgiro-inbetalningar: 1.2.0

beta_pod: 1.3.0

fluent_plugin-statsite: 0.0.7

spider_gazelle: 3.2.0

fluent_plugin-dogstatsd-mediba: 0.0.9

omniauth_mixer: 0.1.2

spider-html: 0.1.9

font_stack: 0.1.2

apress_api: 1.24.0

apress_documentation: 0.4.0

apress_moysklad: 0.1.0

ascii-press: 0.5.2

batsd_dash: 0.5.0

batch-translations: 0.1.3

batch-it: 0.1.0

commission-junction_stats: 0.0.2

active-model-password_reset: 1.0.9

batch_rails2: 0.2.0

cache-stats: 0.0.1

basic_stats: 0.0.2

aem_deploy: 0.1.26

batali_wedge: 0.1.2

airbrake-stats: 0.0.1

batali_tk: 0.2.4

3months-staff-schedule: 0.0.3

autoexec-bat: 0.1.1

api-batch: 0.1.1

ba-upload: 0.1.0

activerecord-pluck-in_batches: 0.2.1

admob-site_stats: 0.0.1

activerecord-suppress-range_error: 0.1.1

font_awesome-sass-c: 4.7.2

font_awesome-sass-mixins: 4.7.0

font_awesome-sassc: 4.7.1

font_fabulous: 1.0.5

font_awesome-sass: 5.12.0

font-assets: 0.1.14

benchmark_plot: 0.1.1

bbs-uploader: 0.1.6

aws_s3-deploy: 0.3.0

aws_codedeploy-agent: 0.1.0

auto_deploy-test: 0.1.19

api-deploy: 0.1.0

amoeba-deploy_tools: 0.0.10

batch_rails: 1.3.1

active-explorer: 0.0.9

batch-insert: 1.0

catarse-paypal_express: 3.0.2

cafepress-api: 0.3.2

bunto_press: 0.2.1

activerecord_postgresql-expression: 0.0.2

active-press: 0.1.0

resque-stuck_queue: 0.5.2

drupal-fu: 0.0.1

capistrano3_drupal: 0.0.1

git-team_stats: 0.0.1

commandsy_plugin: 0.0.1

cocoapods_icemobile-plugin: 0.0.8

alphabet_rocker: 0.1.1

bosh_plugin-generator: 0.0.1

brightbox_boxgrinder-plugins: 0.0.6

audio-mixer-sox: 1.0.3

batman_rails: 0.16.1

font_league: 1.0.0

alphabetic-paginate: 0.0.12

spider_node: 0.0.1

archive-uploader: 0.2

applogger_ruby: 0.5.3

selenium-spider: 0.1.2

ar_find-in-batches-with-order: 0.0.2

batch-actions: 0.0.2

administrate_field-password: 0.0.4

acts-as_keywordable: 0.0.9

arb-spider: 1.1.2

apress_changelogger: 0.0.1

royal-mail_scraper: 1.0.1

stuck-it_up: 0.1.0

spider-monkey: 0.0.11

backstop_deploys: 0.0.6

royal-mail_api: 0.1.1

battle_on: 0.0.4

battery-growl: 0.0.1

battering-ram: 0.0.1

beta-tools: 0.0.5

spider-bot: 0.0.5

awesome-print_carrier_wave_uploader: 0.0.1

dradis_ntospider: 3.15.0

beta-invites: 0.0.1

adwords-scraper: 0.0.2

bedrock_capistrano-uploads: 0.0.1

active-record_samplooper: 0.0.7

app_deployer: 0.0.3

lines-mixer: 0.0.1

aws-upload: 0.0.1

language-mixer: 0.0.1

font_roboto-rails: 0.0.3

aws-blue_green_deploy: 0.0.1

batched-query: 0.0.1

speed-spider: 0.0.2

asset-uploader: 0.0.3

movie-spider: 0.0.2

murmuring-spider: 0.0.2

batch-audio_convert: 0.2.0-x86_64-linux

secondhand_spider: 0.0.1

acpc-poker_player_proxy: 1.6.7

acpc-poker_types: 7.8.6

acpc-poker_match_state: 2.2.1

acpc-poker_basic_proxy: 3.2.2

active-admin-advanced_create_another: 0.1.1

active-admin_theme: 1.1.1

about-pos: 2.0.0

abstract-importer: 1.6.0

acceptance-tests_support: 1.0.2

act-blue_reporter: 0.1.0

action-component: 0.1.4

acpc-poker-player_proxy: 1.6.7

active-admin_import: 4.2.0

accessible-tooltip: 1.0.9

cards-lib: 0.2.5

acquia-toolbelt: 2.4.1

game-shuffle_cards: 1.0.5

act-as_importable: 0.0.11

active-model-policy: 0.0.1

acpc-poker-types: 7.8.6

ackintosh-net-empty-port: 0.0.1

acts-as_crafter: 1.0.0

lang-cards: 1.0.0

acpc-poker-basic_proxy: 3.2.2

active-tools: 0.2.5

acpc-poker-match_state: 2.2.1

workarea-gift-cards: 4.0.1

access-policy-rails: 0.0.2

twitter-cards: 0.1.0

damn_weather: 0.1.3

cinch_weatherman: 1.0.5

dark-sky_weather: 0.1.0

hack-cards: 0.0.4

barometer-weather-bug: 0.1.0

activerecord_db-tools: 0.0.1

ruby-playing_cards: 0.0.2

enpit-weather: 0.1.0

playing-cards: 0.0.2

airservice-build_tools: 0.0.9

ellen_weather: 0.0.1

rubylove-playing-cards: 0.0.1

current-weather: 0.0.4

fortnite-api: 0.2.0

rspec-candy: 0.5.1

candy_-sql: 0.1.0

candy-check: 0.2.1

referral-candy: 0.1.0

cinch_logsearch: 1.0.2

capistrano_telegram-notification: 0.1.1

chef-partial-search: 1.0.7

capistrano_telegram: 1.0.0

bin-search: 0.1

blinkman-twitter-search: 0.1.0

capistrano-telegram-notification: 0.1.1

barely-searchable: 1.0.0

jaconda-telegram: 1.0

binary-search_tree: 2.2

beerdb-api: 0.1.1

cloud-search: 0.2.0

biblesearch_api: 1.2.0

blacklight-advanced_search: 7.0.0

binary-search_frequency: 0.0.3

aws_elasticsearch: 0.1.0

beer-bash: 0.1.0

telegram-meetup_bot: 0.3.0

lita_onewheel-beer-apex: 0.2.7

bisearch-enzim_hu: 0.0.4

lita_onewheel-beer-baileys: 3.8.8

telegram_bot-types: 0.6.1

telegram-bot_ruby: 0.1.7

lita_onewheel-beer-base: 2.0.8

administrate-field-belongs-to_search: 0.7.0

telegram-bot_middleware: 0.3.2

lita_onewheel-beer-craftpourhouse: 1.0.0

lita_onewheel-beer-loyal-legion: 0.1.3

lita_onewheel-beer-tin-bucket: 0.1.3

activeadmin-searchable-select: 1.2.0

lita_onewheel-beer-wework: 2.3.0

lita_telegram: 0.1.0

telegram-bot_api: 0.1.0

ruboty_telegram: 1.0.0

telegram_bot-ruby: 0.12.0

aliyun-open-search: 0.6.0

lita_telegram-plus: 0.1.2

city-search: 0.0.4

chef_cloudsearch: 0.0.2

aws-cloud_search: 0.0.2

active-search: 1.0.1

amazon_search: 1.4.4

alchemy-pg-search: 1.2.0

arel-search: 0.0.5

lita_onewheel-beer-abvpub: 0.0.1

apple-store_search: 0.0.5

dog-biscuits: 0.5.9

attr-searchable: 0.0.7

lita_onewheel-beer-btu: 0.0.0

datadog_notifications: 0.6.2

lita_onewheel-beer-growlers: 0.0.1

cat_dog: 1.0.0

lita_onewheel-beer-pints: 0.0.6

acts-as_fuzzy_search: 0.0.1

lita_onewheel-beer-upperlip: 0.0.1

alerty_plugin-datadog-event: 0.1.4

airbrake_api: 4.6.1

dragonfly_cloudinary-datastore: 0.1

dragonfly_activerecord: 1.0.0

rate-beer: 0.0.2

dragonfly_cloudinary: 0.1.1

lita_onewheel-beer-wayfinder: 0.0.3

first-gem_rakesh: 0.1.0

ad-search: 0.0.2

fig-rake: 0.9.3

crl-watchdog: 1.0.0

datadog_cli: 0.1.16

adapter_elasticsearch: 0.0.4

datadog-apm: 0.9.0

airbrake-notifying_threads: 0.1.1

beer-in_the_evening: 0.0.7

dogapi_demo: 0.1.0

cordova_rake: 0.5.2

blinkist_airbrake-scrubber: 4.1.1

bard_rake: 0.17.3

airbrake-user_attributes_rails5: 0.2.0

fluent_plugin-airbrake-logger: 0.1.0

airbrake-proxy: 0.1.2

fluent_plugin-airbrake-python: 0.2

datadog-proxy: 0.0.6

airbrake-user_attributes: 0.1.6

telegram-notifications: 0.0.1

doge-linguist: 0.1.0

doge-helper: 0.1

bulldoggy_filesystem: 0.0.1

chef_handler-datadog-demo: 0.2.0

capistrano_airbrake: 0.1.1

capistrano_rake: 0.2.0

capistrano_runit-rake: 0.2.0

dradis_brakeman: 3.15.0

delayed_plugins-airbrake: 1.1.0

doge_chef-formatter: 0.0.1

cucumber-rake_runner: 0.0.3

danger_brakeman: 0.0.1

doge-woof: 0.1.10

dot-rake_tasks_in_rails: 0.0.1

execute-with_rescue_with_airbrake: 0.0.3

airbrake_graylog2: 0.0.4

ceedling_autorake: 0.0.2

dt_rake: 0.0.3

brakeman-translate_checkstyle_format: 0.0.1

chalk_rake: 0.0.3

branch-raker: 0.0.6

CPE External links

https://thehackernews.com/2020/04/rubygem-typosquatting-malware.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

Yes. This vulnerability is being exploited in the wild.



###SIDEBAR###