Lucene search
MitreCVELIST:CVE-2020-36327HistoryApr 29, 2021 - 2:28 a.m.
CVE-2020-36327
2021-04-2902:28:54
mitre
raw.githubusercontent.com
Bundler 1.16.0 through 2.2.9 and 2.2.11 through 2.2.16 sometimes chooses a dependency source based on the highest gem version number, which means that a rogue gem found at a public source may be chosen, even if the intended choice was a private gem that is a dependency of another private gem that is explicitly depended on by the application. NOTE: it is not correct to use CVE-2021-24105 for every “Dependency Confusion” issue in every product.
Related
alpinelinux
alpinelinux
CVE-2020-36327
2021-04-29 03:15:00
ubuntucve
ubuntucve
CVE-2020-36327
2021-04-29 00:00:00
cve
cve
CVE-2020-36327
2021-04-29 03:15:00
CVE-2021-24105
2021-02-25 23:15:00
nessus
nessus
AlmaLinux 8 : ruby:2.5 (ALSA-2022:0545)
2022-03-11 00:00:00
Oracle Linux 8 : ruby:2.5 (ELSA-2022-0545)
2022-02-16 00:00:00
Rocky Linux 8 : ruby:2.5 (RLSA-2022:0545)
2023-11-06 00:00:00
debiancve
debiancve
CVE-2020-36327
2021-04-29 03:15:00
osv
osv
CVE-2020-36327
2021-04-29 03:15:08
Dependency Confusion in Bundler
2021-05-24 18:12:33
Important: ruby:2.5 security update
2022-02-16 08:27:24
prion
prion
Type confusion
2021-04-29 03:15:00
Remote code execution
2021-02-25 23:15:00
cvelist
cvelist
oraclelinux
oraclelinux
ruby:2.5 security update
2022-02-16 00:00:00
ruby:2.7 security update
2021-08-06 00:00:00
ruby:2.6 security update
2022-02-16 00:00:00
github
github
Dependency Confusion in Bundler
2021-05-24 18:12:33
redhat
redhat
(RHSA-2022:0546) Important: ruby:2.5 security update
2022-02-16 08:26:23
(RHSA-2022:0548) Important: ruby:2.5 security update
2022-02-16 08:26:47
(RHSA-2022:0545) Important: ruby:2.5 security update
2022-02-16 08:27:24
rocky
rocky
ruby:2.5 security update
2022-02-16 08:27:24
ruby:2.7 security update
2021-08-05 14:06:16
ruby:2.6 security update
2022-02-16 08:26:13
mscve
mscve
Package Managers Configurations Remote Code Execution Vulnerability
2021-02-09 08:00:00
veracode
veracode
Dependency Confusion
2021-04-30 02:34:33
almalinux
almalinux
Important: ruby:2.5 security update
2022-02-16 08:27:24
Important: ruby:2.7 security update
2021-08-05 14:06:16
Important: ruby:2.6 security update
2022-02-16 08:26:13
archlinux
archlinux
[ASA-202106-14] ruby-bundler: insufficient validation
2021-06-01 00:00:00
redhatcve
redhatcve
CVE-2020-36327
2021-05-11 20:54:05
fedora
fedora
[SECURITY] Fedora 34 Update: ruby-3.0.2-149.fc34
2021-07-29 01:09:21
photon
photon
Critical Photon OS Security Update - PHSA-2021-0060
2021-07-13 00:00:00
Critical Photon OS Security Update - PHSA-2021-4.0-0060
2021-07-13 00:00:00
openvas
openvas
Fedora: Security Advisory for ruby (FEDORA-2021-36cdab1f8d)
2021-07-30 00:00:00
Mageia: Security Advisory (MGASA-2021-0579)
2022-01-28 00:00:00
kaspersky
kaspersky
KLA12073 Multiple vulnerabilities in Microsoft Developer Tools
2021-02-09 00:00:00
mageia
mageia
Updated ruby packages fix security vulnerability
2021-12-24 00:01:45
rapid7blog
rapid7blog
Patch Tuesday - February 2021
2021-02-09 23:51:27
