CVE-2019-14282

CVE-2019-14282

EPSS 3.1%

The simple_captcha2 gem 0.2.3 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/rubygems/rubygems.org/issues/2073 https://rubygems.org/gems/simple_captcha2/versions/https://snyk.io/vuln/SNYK-RUBY-SIMPLECAPTCHA2-455501