Add CVE-2019-15224 for rest-client (#405)

rubysec · Aug 20, 2019 · ddf5890 · ddf5890
1 parent ddeb4ee
commit ddf5890
Showing 1 changed file with 13 additions and 0 deletions.
diff --git a/gems/rest-client/CVE-2019-15224.yml b/gems/rest-client/CVE-2019-15224.yml
@@ -0,0 +1,13 @@
+---
+gem: rest-client
+cve: 2019-15224
+url: https://github.com/rest-client/rest-client/issues/713
+date: 2019-08-19
+title: Code execution backdoor in rest-client
+description: |
+  The rest-client gem 1.6.13 for Ruby, as distributed on RubyGems.org,
+  included a code-execution backdoor inserted by a third party.
+
+unaffected_versions:
+  - "<= 1.6.9"
+  - ">= 1.7.0.rc1"