Malicious Remote Code Execution Backdoor Discovered in a Popular Gem — Last week, a malicious version (v22.214.171.124) of the bootstrap-sass package was published with a backdoor that could allow third parties to run arbitrary Ruby code passed via cookie. If you are using bootstrap-sass, check the version you’re using and upgrade if appropriate.
Appears in lists (1)
More like this (4)
Staying Ahead of Security Vulnerabilities with Security Patches — Snyk specializes in open source security and...