Improper Control of Generation of Code ('Code Injection')
The rest-client gem for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party.
Advisories for Gem/Cron_parser package
2019
The rest-client gem for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party.