all InfoSec news
Critical Gems Takeover Bug Reported in RubyGems Package Manager
May 11, 2022, 2:45 a.m. | noreply@blogger.com (Ravie Lakshmanan)
The Hacker News thehackernews.com
"Due to a bug in the yank action, it was possible for any RubyGems.org user to remove and replace certain gems even if that user was not authorized to do so," RubyGems said in a security advisory
bug critical gems manager package package manager rubygems takeover
More from thehackernews.com / The Hacker News
Jobs in InfoSec / Cybersecurity
XDR Detection Engineer
@ SentinelOne | Italy
Security Engineer L2
@ NTT DATA | A Coruña, Spain
Cyber Security Assurance Manager
@ Babcock | Portsmouth, GB, PO6 3EN
Senior Threat Intelligence Researcher
@ CloudSEK | Bengaluru, Karnataka, India
Cybersecurity Analyst 1
@ Spry Methods | Washington, DC (Hybrid)
Security Infrastructure DevOps Engineering Manager
@ Apple | Austin, Texas, United States