Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZxcXYtdjltMi00OHAy
Bootstrap-sass contains code execution backdoor
Arbitrary code execution (via backdoor code) was discovered in bootstrap-sass 3.2.0.3 when downloaded from rubygems.org. An unauthenticated attacker can craft the ___cfduid cookie value to contain base64-encoded arbitrary code that is executed via eval(), which can be leveraged to execute arbitrary code on the target system. Note that there are three underscore characters in the cookie name. This is unrelated to the __cfduid cookie that is legitimately used by Cloudflare.
Permalink: https://github.com/advisories/GHSA-vqqv-v9m2-48p2
JSON: https://advisories.ecosyste.ms/api/v1/advisories/MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZxcXYtdjltMi00OHAy
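The two checks a defender wants from this advisory are (a) whether a project's Gemfile.lock pins the single affected version, 3.2.0.3, and (b) whether incoming requests carry the three-underscore ___cfduid cookie that triggers the backdoor, as opposed to Cloudflare's legitimate two-underscore __cfduid. The following is an added example, not code from the advisory, from ecosyste.ms or from the bootstrap-sass project; it assumes the standard Gemfile.lock layout (spec lines indented four spaces, dependency lines six) and a standard Cookie header, and the sample lockfile and cookie headers inside it are constructed for illustration.

```python
import re
from typing import List, Tuple

# Affected range stated by the advisory: exactly 3.2.0.3 (fixed in 3.2.0.4).
AFFECTED_VERSIONS = {"3.2.0.3"}

# Cookie name used by the backdoor: three underscores. Cloudflare's legitimate
# cookie has two underscores and must not be flagged.
BACKDOOR_COOKIE_NAME = "___cfduid"

# Constructed Gemfile.lock excerpt (not taken from any real project).
SAMPLE_GEMFILE_LOCK = """\
GEM
  remote: https://rubygems.org/
  specs:
    autoprefixer-rails (9.5.1)
    bootstrap-sass (3.2.0.3)
      autoprefixer-rails (>= 5.2.1)
      sass (>= 3.3.4)
    sass (3.7.4)
"""

# Spec lines in a Gemfile.lock look like "    name (version)" with exactly four
# leading spaces; transitive dependency lines are indented six and use
# constraints such as ">= 5.2.1", so they do not match this pattern.
GEM_SPEC_RE = re.compile(r"^ {4}(?P<name>[A-Za-z0-9_.-]+) \((?P<version>[^)]+)\)\s*$")


def find_affected_gems(lockfile_text: str) -> List[Tuple[str, str]]:
    """Return (name, version) for every bootstrap-sass spec pinned to an affected version."""
    hits: List[Tuple[str, str]] = []
    for line in lockfile_text.splitlines():
        m = GEM_SPEC_RE.match(line)
        if m and m.group("name") == "bootstrap-sass" and m.group("version") in AFFECTED_VERSIONS:
            hits.append((m.group("name"), m.group("version")))
    return hits


def has_backdoor_trigger_cookie(cookie_header: str) -> bool:
    """True if a Cookie header carries the three-underscore ___cfduid cookie.

    Cookie names are compared exactly, so the legitimate __cfduid cookie set by
    Cloudflare never triggers a hit.
    """
    for part in cookie_header.split(";"):
        name, _, _value = part.strip().partition("=")
        if name == BACKDOOR_COOKIE_NAME:
            return True
    return False


# Constructed request Cookie headers for a log-review pass (values are
# base64 of the word "constructed", not a payload).
SAMPLE_COOKIE_HEADERS = [
    "__cfduid=d1234; _session_id=abc",                 # legitimate Cloudflare cookie only
    "__cfduid=d1234; ___cfduid=Y29uc3RydWN0ZWQ=",      # backdoor trigger present
]


def flagged_requests(cookie_headers: List[str]) -> List[int]:
    """Indexes of headers that carry the backdoor trigger cookie."""
    return [i for i, h in enumerate(cookie_headers) if has_backdoor_trigger_cookie(h)]


if __name__ == "__main__":
    print("affected gems:", find_affected_gems(SAMPLE_GEMFILE_LOCK))
    print("flagged requests:", flagged_requests(SAMPLE_COOKIE_HEADERS))
```

Run the lockfile check in CI against every Gemfile.lock in the repository and treat any hit as a blocking finding; the cookie check is only a detection aid for reviewing access logs or a WAF rule, since the real fix is upgrading to 3.2.0.4 or later and re-resolving the bundle.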
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Critical
Classification: General
Published: over 5 years ago
Updated: over 1 year ago
CVSS Score: 9.8
CVSS vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Percentage: 0.44028
EPSS Percentile: 0.97432
Identifiers: GHSA-vqqv-v9m2-48p2, CVE-2019-10842
References:
- https://nvd.nist.gov/vuln/detail/CVE-2019-10842
- https://github.com/twbs/bootstrap-sass/issues/1195
- https://snyk.io/blog/malicious-remote-code-execution-backdoor-discovered-in-the-popular-bootstrap-sass-ruby-gem/
- https://snyk.io/vuln/SNYK-RUBY-BOOTSTRAPSASS-174093
- https://github.com/rubysec/ruby-advisory-db/blob/master/gems/bootstrap-sass/CVE-2019-10842.yml
- https://github.com/advisories/GHSA-vqqv-v9m2-48p2
Blast Radius: 50.9
Affected Packages
rubygems:bootstrap-sass
Dependent packages: 417
Dependent repositories: 155,544
Downloads: 64,920,268 total
Affected Version Ranges: = 3.2.0.3
Fixed in: 3.2.0.4
All affected versions:
All unaffected versions: 1.2.0, 1.2.1, 1.3.0, 1.3.1, 1.3.2, 1.4.0, 1.4.1, 1.4.2, 1.4.3, 1.4.4, 2.0.0, 2.0.1, 2.0.2, 2.0.3, 3.3.3, 3.3.5, 3.3.6, 3.3.7, 3.4.0, 3.4.1