RubyGems package
omniauth-weibo-oauth2
pkg:gem/omniauth-weibo-oauth2
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-17268 | Cri | 9.8 | >= 0.4.6, < 0.5.1 | 0.5.1 | Feb 7, 2020 | The omniauth-weibo-oauth2 gem 0.4.6 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party. Versions through 0.4.5, and 0.5.1 and later, are unaffected. |
- affected >= 0.4.6, < 0.5.1fixed 0.5.1
The omniauth-weibo-oauth2 gem 0.4.6 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party. Versions through 0.4.5, and 0.5.1 and later, are unaffected.