MAL-2025-46892 Malicious code in actions-runner-admin (RubyGems)
Source: ossf-package-analysis 8bf5c8993e97e4a8a3f91ab4b6b7618dc0f73864793854b4458516ece843a6db The OpenSSF Package Analysis project identified 'actions-runner-admin' @ 99.99.99 rubygems as malicious. It is considered malicious because: - T...
MAL-2025-46894 Malicious code in authnd-client (RubyGems)
Source: ossf-package-analysis 9da591ec2002916d80cd089745cfa963d18744916bf5db914f1fc0b14e117a5e The OpenSSF Package Analysis project identified 'authnd-client' @ 99.99.99 rubygems as malicious. It is considered malicious because: - The...
Malicious code in badge-ruler (RubyGems)
Source: ossf-package-analysis 34de70c9a9c01b43d1728b2a20d6eada0fe0a1e925866f4546057dc5fb7aa737 The OpenSSF Package Analysis project identified 'badge-ruler' @ 0.0.2 rubygems as malicious. It is considered malicious because: - The package...
Malicious code in dependency-graph-platform-proto (RubyGems)
Source: ossf-package-analysis c8feb4336c26b61a10aec616c9f9f8777fcdd99ab55df96c82ca78bd088530b9 The OpenSSF Package Analysis project identified 'dependency-graph-platform-proto' @ 99.99.99 rubygems as malicious. It is considered malicious...
Malicious code in delorean_client (RubyGems)
Source: ossf-package-analysis 91b594e6698684765fbf40d5f103e207d5e6166eeafd80ba5690100cab008a4c The OpenSSF Package Analysis project identified 'delorean_client' @ 0.4.0.r09ee7b0 rubygems as malicious. It is considered malicious because: - T...
MAL-2025-46890 Malicious code in actions-broker (RubyGems)
Source: ossf-package-analysis 74e6328258aafc966c6b402300419e91c804d4e8986faeb14ef8419775cb13b5 The OpenSSF Package Analysis project identified 'actions-broker' @ 99.99.99 rubygems as malicious. It is considered malicious because: - The...
MAL-2025-46906 Malicious code in egress (RubyGems)
Source: ossf-package-analysis ee02802f5d94f135856b832109948906e7a3a39fbea753561a4d518a1d4e889f The OpenSSF Package Analysis project identified 'egress' @ 1.68.g52b0cd0 rubygems as malicious. It is considered malicious because: - The packag...
MAL-2025-46902 Malicious code in dependency-snapshots-api-proto (RubyGems)
Source: ossf-package-analysis 631057766f092650ba1257605bb896b689804a362934a08e7354ca7253f43b77 The OpenSSF Package Analysis project identified 'dependency-snapshots-api-proto' @ 99.99.99 rubygems as malicious. It is considered malicious...
MAL-2025-41805 Malicious code in omniauth-pro-sante-connect (RubyGems)
Linux Distros Unpatched Vulnerability : CVE-2012-2125
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RubyGems before 1.8.23 can redirect HTTPS connections to HTTP, which makes it easier for remote attackers to observe or modify a gem during installation via a...
Linux Distros Unpatched Vulnerability : CVE-2019-8321
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in RubyGems 2.6 and later through 3.0.2. Since Gem::UserInteraction#verbose calls say without escaping, escape sequence injection is...
Linux Distros Unpatched Vulnerability : CVE-2019-8324
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in RubyGems 2.6 and later through 3.0.2. A crafted gem with a multi-line name is not handled correctly. Therefore, an attacker could...
RubyGems, PyPI Hit by Malicious Packages Stealing Credentials, Crypto, Forcing Security Changes
A fresh set of 60 malicious packages has been uncovered targeting the RubyGems ecosystem by posing as seemingly innocuous automation tools for social media, blogging, or messaging services to steal credentials from unsuspecting users and likely resell them on dark web forums like Russian Market...
MAL-2025-6629 Malicious code in webpack-dev-server (RubyGems)
MAL-2025-6628 Malicious code in maventa_utils (RubyGems)
MAL-2025-6627 Malicious code in maventa_common (RubyGems)
MAL-2025-6385 Malicious code in icare (RubyGems)
Source: ossf-package-analysis 5ef3fd9f7c979ad17316b55bd4b33311a8afc4966f82955133c709fef2b53e84 The OpenSSF Package Analysis project identified 'icare' @ 1.0.0 rubygems as malicious. It is considered malicious because: - The package...