Vulnerability Details CVE-2019-15224
The rest-client gem 1.6.10 through 1.6.13 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party. Versions <=1.6.9 and >=1.6.14 are unaffected.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.022
EPSS Ranking 83.6%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
Products affected by CVE-2019-15224
-
cpe:2.3:a:rest-client_project:rest-client:1.6.10
-
cpe:2.3:a:rest-client_project:rest-client:1.6.11
-
cpe:2.3:a:rest-client_project:rest-client:1.6.12
-
cpe:2.3:a:rest-client_project:rest-client:1.6.13