EPSS Percentile: 82.9%
strong_password v0.0.7 is a malicious package: this version of the gem hides a remote code execution exploit. The content from https://pastebin.com/raw/xa456PFt would then be executed.
https://pastebin.com/raw/xa456PFt
withatwist.dev/strong-password-rubygem-hijacked.html