bootstrap-sass is a Ruby gem, the official Sass port of Bootstrap 2 and 3. On March 26, 2019, a malicious version (version of this gem was published to the official RubyGems repository. This modified gem includes a stealthy backdoor that gives attackers remote command execution on server-side Rails applications.


Upgrade to the latest version of this Ruby gem (this issue was fixed in version


Related Vulnerabilities