bootstrap-sass
A backdoored bootstrap-sass gem release enabled remote code execution in Rails applications that installed it.
The popular bootstrap-sass Ruby gem had a malicious version, 3.2.0.3, published to RubyGems.org on 2019-03-26 after what was most likely a compromise of a maintainer's RubyGems account. The version number sat below the then-current releases, so applications pinned to the 3.2.x line resolved it on their next bundle install rather than needing to opt in to a new major version. Rails applications that installed the poisoned release inherited a backdoor in production code paths, turning a front-end asset dependency into a remote command execution channel. The release corresponded to no tag or commit in the upstream repository, which is what exposed it.
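Added example (not part of this record and not code from the bootstrap-sass project): a Ruby script that reads a Gemfile.lock, reports any resolved gem whose exact version is on a known-bad list seeded with the 3.2.0.3 release named above, and compares a local artifact against a SHA-256 indicator. The lockfile excerpt, the bad-version table and the file used in the demo are constructed for this example; the record lists a sha256 indicator below without stating which artifact it covers, so the hash check takes whatever path and digest the caller supplies.

```ruby
require "digest"
require "tempfile"

# Constructed Gemfile.lock excerpt for the demo; it is not taken from any real
# application. The "~> 3.2" pin is what lets 3.2.0.3 be resolved.
SAMPLE_LOCKFILE = <<~LOCK
  GEM
    remote: https://rubygems.org/
    specs:
      autoprefixer-rails (9.4.9)
        execjs
      bootstrap-sass (3.2.0.3)
        autoprefixer-rails (>= 5.2.1)
        sassc (>= 2.0.0)
      sassc (2.0.1)
        ffi (~> 1.9)

  PLATFORMS
    ruby

  DEPENDENCIES
    bootstrap-sass (~> 3.2)
LOCK

# Known-bad releases. Only the version named in this record is listed; a real
# scanner would load the list from an advisory feed instead of hard-coding it.
BAD_VERSIONS = { "bootstrap-sass" => ["3.2.0.3"] }.freeze

# Map every resolved gem in a lockfile to its version, e.g.
# { "bootstrap-sass" => "3.2.0.3", ... }. Bundler writes resolved specs four
# spaces deep under "specs:" and their dependency constraints six spaces deep,
# so the indent width is what separates a resolved version from a constraint.
def resolved_gems(lockfile_text)
  gems = {}
  in_specs = false
  lockfile_text.each_line do |line|
    if line.strip == "specs:"
      in_specs = true
      next
    end
    # A blank line or an unindented section header ends the specs block.
    in_specs = false if line.strip.empty? || line.match?(/\A\S/)
    next unless in_specs
    if (m = line.match(/\A {4}(\S+) \(([^)]+)\)\s*\z/))
      gems[m[1]] = m[2]
    end
  end
  gems
end

# Return only the resolved gems whose exact version is on the bad list.
def flagged_gems(lockfile_text, bad = BAD_VERSIONS)
  resolved_gems(lockfile_text).select { |name, version| bad.fetch(name, []).include?(version) }
end

# Compare a local artifact (for example a cached .gem file) against a published
# SHA-256 indicator supplied as a hex string.
def matches_indicator?(path, sha256_hex)
  Digest::SHA256.file(path).hexdigest == sha256_hex.strip.downcase
end

if __FILE__ == $PROGRAM_NAME
  flagged_gems(SAMPLE_LOCKFILE).each do |name, version|
    puts "FLAGGED: #{name} #{version} is a known-bad release"
  end
  # Demonstrate the hash check on a constructed file rather than a real gem.
  demo = Tempfile.new("artifact")
  demo.write("constructed sample bytes")
  demo.close
  expected = Digest::SHA256.hexdigest("constructed sample bytes")
  puts "indicator match: #{matches_indicator?(demo.path, expected)}"
end
```

The script reads the resolved version from the lockfile rather than the Gemfile because a pessimistic pin such as `~> 3.2` says nothing about which patch release Bundler actually chose; it is the lockfile, or the contents of the gem cache, that tells you whether 3.2.0.3 was installed.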
- Date
- 2019-03-26
- Category
- Open Source
- Target Surface
- Package registry
- Insertion Phase
- distribution
- Impact
- Backdoor
- Cause
- Compromised Account/Credentials
What Was Affected
Package
bootstrap-sass
Language
Ruby
Component
Library
Artifact type
source archive
Domain type
package host
Domain
rubygems.org
Repository
github.com/twbs/bootstrap-sass
Compromised Versions
3.2.0.3
Incident Context
- Motive
- Unauthorized Access/Control
- Attribution
- Individual Hacker
- Transitive
- No
- User Impact
- 1477
- Observed Duration
- 0 days
Evidence
Compromised Artifacts
Current Artifacts and Analysis
Indicators and Changes
Hashes
sha256:366d6162fe36fc81dadc114558b43c6c8890c8bcc7e90e2949ae6344d0785dc0
External References
Source Data
Source record: oss/bootstrap-sass/meta.yaml