Lucene search
Veracode Vulnerability DatabaseVERACODE:20672HistoryJul 08, 2019 - 3:12 a.m.
Malicious Package
2019-07-0803:12:28
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
4
EPSS
0.009
Percentile
82.9%
strong_password v0.0.7 is a malicious package. The vulnerability exists as it hides a remote code execution exploit in this version of the gem. The package contents from https://pastebin.com/raw/xa456PFt would then be executed.
Related
osv
osv
prion
prion
Code injection
2019-07-08 14:15:00
github
github
rubygems
rubygems
nvd
nvd
CVE-2019-13354
2019-07-08 14:15:10
cvelist
cvelist
CVE-2019-13354
2019-07-08 13:26:10
cve
cve
CVE-2019-13354
2019-07-08 14:15:10