113 matches found
rest-client Gem Contains Malicious Code
The rest-client gem 1.6.10 through 1.6.13 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party. Users of an affected version should consider downgrading to the last non-affected version of 1.6.9, or upgrading to 1.7.x. Additionally, a set of other...
Malicious Package
rest-client is a malicious package. The package evaluates code stored on a remote server pastebin.com and upon execution of the malicious code on the victim system, sends system information to mironanoru.zzz.com.ua...
CVE-2019-15224
The rest-client gem 1.6.10 through 1.6.13 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party. Versions =1.6.14 are unaffected...
CVE-2019-15224
The rest-client gem 1.6.10 through 1.6.13 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party. Versions =1.6.14 are unaffected...
CVE-2019-15224
The rest-client gem 1.6.10 through 1.6.13 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party. Versions =1.6.14 are unaffected...
CVE-2019-15224
CVE-2019-15224 affects the Ruby rest-client gem; versions 1.6.10–1.6.13 on RubyGems.org included a code-execution backdoor inserted by a third party. Versions 1.6.9 and earlier are not affected, and 1.6.14+ are also not affected. The compromise leads to remote code execution via the gem’s code pa...
CVE-2019-15224
The rest-client gem 1.6.10 through 1.6.13 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party. Versions =1.6.14 are unaffected...
CVE-2019-15224
The rest-client gem 1.6.10 through 1.6.13 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party. Versions =1.6.14 are unaffected...
Code execution backdoor in rest-client
The rest-client gem 1.6.13 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party...
Postman 6.3.0 Improper Certificate Validation Vulnerability
Exploit for hardware platform in category web applications Product: Postman standalone Manufacturer: Postman Affected Versions: 6.3.0 and older Tested Versions: 6.2.2 x64 Windows and Linux, 6.3.0 Vulnerability Type: Improper Certificate Validation CWE-295 Risk Level: Medium Solution Status: Open...
rest-client Gem Vulnerable to Session Fixation
REST client for Ruby aka rest-client versions 1.6.1.a until 1.8.0 allow remote attackers to conduct session fixation attacks or obtain sensitive cookie information by leveraging passage of cookies set in a response to a redirect...
GHSA-MX9F-W8QQ-Q5JF rest-client allows local users to obtain sensitive information by reading the log
REST client for Ruby aka rest-client before 1.7.3 logs usernames and passwords, which allows local users to obtain sensitive information by reading the log...
rbovirt uses the rest-client gem with SSL verification disabled
The rbovirt gem before 0.0.24 for Ruby uses the rest-client gem with SSL verification disabled, which allows remote attackers to conduct man-in-the-middle attacks via unspecified vectors...
rest-client allows local users to obtain sensitive information by reading the log
REST client for Ruby aka rest-client before 1.7.3 logs usernames and passwords, which allows local users to obtain sensitive information by reading the log...
GHSA-WW79-8XWV-932X rbovirt uses the rest-client gem with SSL verification disabled
The rbovirt gem before 0.0.24 for Ruby uses the rest-client gem with SSL verification disabled, which allows remote attackers to conduct man-in-the-middle attacks via unspecified vectors...
rest-client session fixation vulnerability
The rest-client aka REST Client is one of those simple HTTP and REST clients. A session fixation vulnerability exists in rest-client. An attacker can exploit this vulnerability to hijack a session or gain access to sensitive information...
Session fixation
REST client for Ruby aka rest-client before 1.8.0 allows remote attackers to conduct session fixation attacks or obtain sensitive cookie information by leveraging passage of cookies set in a response to a redirect...
CVE-2015-1820
REST client for Ruby aka rest-client before 1.8.0 allows remote attackers to conduct session fixation attacks or obtain sensitive cookie information by leveraging passage of cookies set in a response to a redirect...
CVE-2015-1820
REST client for Ruby aka rest-client before 1.8.0 allows remote attackers to conduct session fixation attacks or obtain sensitive cookie information by leveraging passage of cookies set in a response to a redirect...
DEBIAN-CVE-2015-1820
REST client for Ruby aka rest-client before 1.8.0 allows remote attackers to conduct session fixation attacks or obtain sensitive cookie information by leveraging passage of cookies set in a response to a redirect...