This help site has been deprecated. Please send your requests to support@rubygems.org

Malicious Libraries Uploaded to RubyGems Repository

Edit

Tya Hariharan

21 Apr, 2020 10:47 PM

Hi,

We just heard that malicious libraries were uploaded to RubyGems. My question here is, how can we find out which libraries are malicious or whether we have installed them? Do you plan on publishing a list?

Thanks,
Tya

Support Staff 1 Posted by sonalkr132 on 25 Apr, 2020 09:10 PM

Hi Tya,

We maintain a wiki for most of them gems we removed for security reasons, you can find it here: https://github.com/rubygems/rubygems.org/wiki/Gems-yanked-and-accou...

whether we have installed them?

Note that your host could have only installed the gem if you or any of the libraries you used made a typo matching the above mentioned list.
- Edit

Discussions are closed to public comments.
If you need help with RubyGems.org please start a new discussion.

New Issue
Conversation Started

A conversation has been started with the RubyGems.org staff to resolve this discussion.
Close the discussion Close the discussion

Private Permissions

This discussion is private. Only you and RubyGems.org support staff can see and reply to it.

Public Permissions

This discussion is public. Everyone can see and reply to it.

Comments Feed

Keyboard shortcuts

Generic

?	Show this help
ESC	Blurs the current field

Comment Form

r	Focus the comment reply box
^ + ↩	Submit the comment

You can use Command ⌘ instead of Control ^ on Mac

Recent Discussions

	14 May, 2022 10:10 AM	How to get back your natural sleep cycle?
	11 May, 2022 10:03 AM	iui treatment india with high success rate
	10 May, 2022 06:38 AM	abscess Drainage Catheter, bilbao dotter catheter
	04 May, 2022 12:04 PM	unable to comment on post
	30 Apr, 2022 02:34 PM	gem push says there is already too similar gem name

Recent Articles

	Supporter FAQ
	FAQ
	Removing an accidentally pushed gem
	Removing a published RubyGem
	Common Problems