PT-2018-1454 · Ruby · Active Support
Reed · Published 2018-08-09 · Updated 2019-10-09 · CVE-2018-3779
CVSS v3.1: 10 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
active-support ruby gem version 5.2.0
Description
The active-support ruby gem contains a malicious backdoor that could allow a remote attacker to execute arbitrary code on the system. The gem is a trojan horse: it duplicates the official activesupport gem but adds a compiled extension containing hidden malicious code. This extension attempts to resolve a base64 encoded domain, downloads a payload, and executes it.
Recommendations
For active-support ruby gem version 5.2.0, consider removing or avoiding the use of this gem entirely, as no version is considered safe. As a temporary workaround, consider restricting access to any systems that have this gem installed to minimize the risk of exploitation. Avoid using any functionality provided by this gem until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
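To act on the removal advice you first need to know whether a project references the hyphenated name at all. The following is an added example, not code from the advisory or from any project it names: it scans Gemfile.lock text for `active-support` as a resolved gem, a transitive dependency, or a direct dependency. The function name `scan_lockfile`, the sample lockfile, and the gem `example-plugin` are constructed for illustration.

```ruby
# Added example: find references to the trojan gem name in Gemfile.lock text.
TROJAN_NAME   = "active-support" # hyphenated name from this advisory
OFFICIAL_NAME = "activesupport"  # official gem it duplicates (not flagged)

# Constructed sample lockfile; "example-plugin" is a made-up gem name.
SAMPLE_LOCK = <<~LOCK
  GEM
    remote: https://rubygems.org/
    specs:
      active-support (5.2.0)
      activesupport (5.2.0)
        concurrent-ruby (~> 1.0, >= 1.0.2)
        i18n (>= 0.7, < 2)
      example-plugin (1.0.0)
        active-support (>= 5.0)

  PLATFORMS
    ruby

  DEPENDENCIES
    active-support
    activesupport
LOCK

# Returns one hash per reference: the line number and how the gem is pulled in.
def scan_lockfile(text)
  findings = []
  section = nil # current top-level section, e.g. "GEM" or "DEPENDENCIES"
  parent  = nil # resolved gem whose dependency list is being read
  text.each_line.with_index(1) do |raw, lineno|
    line = raw.chomp
    if line.match?(/\A[A-Z][A-Z ]*\z/) # section header at column 0
      section = line
      parent = nil
    elsif section == "GEM" && (m = line.match(/\A {4}(\S+) \(([^)]+)\)\z/))
      parent = m[1] # resolved gem entry: four spaces, name, (version)
      findings << { line: lineno, kind: :resolved, version: m[2] } if m[1] == TROJAN_NAME
    elsif section == "GEM" && (m = line.match(/\A {6}(\S+)/))
      # six spaces: a dependency declared by the gem in `parent`
      findings << { line: lineno, kind: :transitive, via: parent } if m[1] == TROJAN_NAME
    elsif section == "DEPENDENCIES" && (m = line.match(/\A {2}([^\s!]+)/))
      findings << { line: lineno, kind: :direct } if m[1] == TROJAN_NAME
    end
  end
  findings
end

scan_lockfile(SAMPLE_LOCK).each { |f| puts f.inspect } if __FILE__ == $0
```

A `:transitive` finding means the name arrives through another gem, so removing it from your own Gemfile is not enough; the `via` gem has to be dealt with as well.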
Exploit
Command Injection
Related Identifiers
Affected Products
Active Support