Rubygems · Omniauth-Weibo-Oauth2 · CVE-2019-17268
**Name of the Vulnerable Software and Affected Versions**
omniauth-weibo-oauth2 gem version 0.4.6
**Description**
The issue concerns a code-execution backdoor inserted by a third party into the omniauth-weibo-oauth2 gem for Ruby.
**Recommendations**
For version 0.4.6, update to a version outside the affected range, such as 0.4.5 or 0.5.1 and later, to resolve the issue.