Search for packages
| purl | pkg:gem/rest-client@1.6.13 |
| Tags | Ghost |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-nfpt-w93k-dqa5
Aliases: CVE-2019-15224 GHSA-333g-rpr4-7hxq |
rest-client Gem Contains Malicious Code The rest-client gem 1.6.10 through 1.6.13 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party. Users of an affected version should consider downgrading to the last non-affected version of 1.6.9, or upgrading to 1.7.x. Additionally, a set of other minor gems have been partially or completely yanked and are included in this advisory. These include cron_parser, coin_base, blockchain_wallet, awesome-bot, doge-coin, capistrano-colors, bitcoin_vanity, lita_coin, coming-soon, and omniauth_amazon. |
Affected by 0 other vulnerabilities. Affected by 2 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-02T12:36:00.091886+00:00 | GitLab Importer | Affected by | VCID-nfpt-w93k-dqa5 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/rest-client/CVE-2019-15224.yml | 38.0.0 |
| 2026-04-01T15:57:38.646378+00:00 | GHSA Importer | Affected by | VCID-nfpt-w93k-dqa5 | https://github.com/advisories/GHSA-333g-rpr4-7hxq | 38.0.0 |