Sha256: 69097cee65a8491104fa04b2ab80b52589d1671cf591dfb44072e27055a6a0d9
Contents?: true
Size: 614 Bytes
Versions: 1
Compression:
Stored size: 614 Bytes
Contents
---
gem: cron_parser
cve: 2019-15224
ghsa: 333g-rpr4-7hxq
url: https://github.com/rubygems.org/issues/2097
date: 2019-08-20
title: Code execution backdoor in cron_parser
description: |
The cron_parser gem 0.1.4, 1.0.12, and 1.0.13 as distributed on RubyGems.org, included a
code-execution backdoor inserted by a third party.
No unaffected version is known to exist, as the gem appears to have been entirely removed.
unaffected_versions:
- "< 1.0.12"
- "> 1.0.13"
- "< 0.1.4"
- "> 0.1.4"
related:
url:
- https://github.com/rubygems/rubygems.org/wiki/Gems-yanked-and-accounts-locked#19-aug-2019
Version data entries
1 entries across 1 versions & 1 rubygems
| Version | Path |
|---|---|
| bundler-audit-0.7.0.1 | data/ruby-advisory-db/gems/cron_parser/CVE-2019-15224.yml |