#BeatOpenSourceVulns

LOOK ALIVE Ruby users Did you know Ruby gem strong_password version 0.0.7 has been compromisedPeople have downloaded the pirated version & damaged their serviceSee #Meterian: https://hubs.ly/H0mTTxb0  #vulnerability #BeatOpenSourceVulns #ruby #rubyGems #opensource #AppSecpic.twitter.com/psWZFYow1f

.NET users ALERTThere's a #vulnerability in the ServiceStack FrameworkThis may compromise the #networks & #systems of unsuspecting #users See #Meterian : https://hubs.ly/H0mMpm20  #csharp #dotnet #net #netcore #dotnetcore #BeatOpenSourceVulns #opensource #risk #ITpic.twitter.com/fpuJ5kJWtZ

Another #NodeJS #vulnerabilityWARNINGThe csv-parse module before 4.4.6 for is #vulnerable to Regular Expression Denial of Service (ReDoS) See #Meterian, don't be at risk of #cyberattack: https://hubs.ly/H0mQB6f0  #vulnerability #opensource #AppSec #BeatOpenSourceVulns pic.twitter.com/TzhxgpxW9m

WARNING #Python usersthrough 5.6.5 python-psutil could result in double free#Attackers could use this issue to cause psutil to #crashdenial of service & execute arbitrary #code See #Meterian: https://hubs.ly/H0mK60R0  #BeatOpenSourceVulns #hack #risk #infosec #Devops #ITpic.twitter.com/gDG1Ek9hZ2

LOOK ALIVE #Ruby usersThe #Airbrake Ruby notifier 4.2.3 has mishandled the blacklist_keys configuration option This #vulnerability lets #attackers access sensitive info on a targeted systemSee #Meterian: https://hubs.ly/H0mMsqW0  #security #RubyonRails #BeatOpenSourceVulns pic.twitter.com/gQ6pM4i5Ru

HOLD UP http-file-server usersThere's an XSS #vulnerability in this third-party #NodeJS moduleDon't put yourself at risk of a #cyberattack See #Meterian for more info: https://hubs.ly/H0mSQJx0  #CyberResilience #HTML #risk #NodeJS #BeatOpenSourceVulns #IT #hackpic.twitter.com/YDHpr4law8

CALLING all #PHP users There's a #vulnerability in the Illuminate component of #Laravel Framework 5.7.x.This could have a negative impact on confidentiality/integrity/availability See #Meterian: https://hubs.ly/H0mRzTN0  #CyberSec #BeatOpenSourceVulns #cyberhack #IT #appsecpic.twitter.com/9pPBGpB31f

Warning all #java users Heard of Jackson Databind Pre- 2.9.9.2 #vulnerabilities#Hackers can gain remote access & control of invalid object-class See #Meterian: https://hubs.ly/H0mQyMv0  #json #jacksondatabind #BeatOpenSourceVulns #opensource #CyberSec #appsec #ITpic.twitter.com/TzdhSaWfUI

Do you use Ruby version 1.6.13 of rest-client Ruby gem has a #vulnerability #Meterian sees the #risks and knows which #components to remove or upgrade Check out: https://hubs.ly/H0mRWNM0  #cyberesilience #Ruby #risk #secure #restclient #hacker #BeatOpenSourceVulns pic.twitter.com/HdrSO1Bwys

Are you a #Ruby user Did you know there's a #vulnerability within the Ruby #makandra #consul #gem for all versions prior to & including 1.0.2 This is a serious #security flaw Check out #Meterian: https://hubs.ly/H0mQnYT0  Don't waste time #RubyonRails #BeatOpenSourceVulns pic.twitter.com/2Odv032P9w

#Python usersReportLab through 3.5.31 allows remote #code executionthis could affect confidentiality, integrity, & availability See #MeterianDon't be at risk of a #cyberattack :https://hubs.ly/H0mQnFY0  #BeatOpenSourceVulns #risk #hack #IT #vulnerability #Devops #Appsecpic.twitter.com/MsGSC2lHFg

Another #Ruby #vulnerability Ruby mini_magick v4.9.4 allows backdoor access to your application serverYou could be at risk to a #cyberattack #Meterian explains more: https://hubs.ly/H0mQnYS0  #BeatOpenSourceVulns #ruby #rubyGems #AppSec #cybersecurity #ITpic.twitter.com/G1ffgB82u4

Do you use #JavaThere's a vulnerability in #Apereo CAS #Hackers could impersonate #users & have access to sensitive #information #Meterian explains more:https://hubs.ly/H0mPMww0  #json #jacksondatabind #vulnerability #opensource #AppSec #DevSecOps #BeatOpenSourceVulns #ITpic.twitter.com/ObI0KGTnHX