{"uuid": "7b8d1ce3-3087-4142-8011-9e8cc1c10cca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21654", "type": "seen", "source": "https://t.me/arpsyndicate/2820", "content": "#ExploitObserverAlert\n\nCVE-2024-21654\n\nDESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to CVE-2024-21654. Rubygems.org is the Ruby community's gem hosting service. Rubygems.org users with MFA enabled would normally be protected from account takeover in the case of email account takeover. However, a workaround on the forgotten password form allows an attacker to bypass the MFA requirement and takeover the account. This vulnerability has been patched in commit 0b3272a.", "creation_timestamp": "2024-01-16T01:31:14.000000Z"}