As outlined in https://snyk.io/blog/malicious-remote-code-execution-backdoor-discovered-in-the-popular-bootstrap-sass-ruby-gem/
TLDR
If you use bootstrap-sass version 3.2.0.3, just do bundle update bootstrap-sass and you’re good to go
Keep up to date with Rails on Twitter and This Week in Rails
Policies: Conduct, License, Maintenance, Security, Trademarks