MiracleLinux 8 : ruby:2.5 (AXSA:2022-3066:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3066:01 advisory. rubygem-bundler: Dependencies of gems with explicit source may be installed from a different source CVE-2020-36327 Tenable has extracted the preceding...

MAL-2025-36327 Malicious code in test-mlw2-squab-cough (npm)

The package test-mlw2-squab-cough was found to contain malicious code...

TencentOS Server 3: rubygem-bundler (TSSA-2022:0191)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2022:0191 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

CVE-2022-36327

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability that could allow an attacker to write files to locations with certain critical filesystem types leading to remote code execution was discovered in Western Digital My Cloud Home, My Cloud Home Duo, SanDisk i...

Alibaba Cloud Linux 3 : 0054: ruby:2.7 (ALINUX3-SA-2021:0054)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2021:0054 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2020-36327: Bundler 1.16.0 through 2.2...

openSUSE Security Advisory (SUSE-SU-2025:1294-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2025:1294-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : rubygem-bundler (SUSE-SU-2025:1294-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:1294-1 advisory. - CVE-2020-36327: Fixed bundler choosing a dependency source based on the highest gem version number, whi...

Security update for rubygem-bundler

This update for rubygem-bundler fixes the following issues: CVE-2020-36327: Fixed bundler choosing a dependency source based on the highest gem version number, which means that a rogue gem found at a public source may be chosen bsc1185842 Other fixes: - Updated to version 2.2.34 Patch...

SUSE-SU-2025:1294-1 Security update for rubygem-bundler

This update for rubygem-bundler fixes the following issues: - CVE-2020-36327: Fixed bundler choosing a dependency source based on the highest gem version number, which means that a rogue gem found at a public source may be chosen bsc1185842 Other fixes: - Updated to version 2.2.34...

Linux Distros Unpatched Vulnerability : CVE-2020-36327

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bundler 1.16.0 through 2.2.9 and 2.2.11 through 2.2.16 sometimes chooses a dependency source based on the highest gem version number, which means that a rogue g...

Rocky Linux 8 : ruby:2.5 (RLSA-2022:0545)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:0545 advisory. - Bundler 1.16.0 through 2.2.9 and 2.2.11 through 2.2.16 sometimes chooses a dependency source based on the highest gem version number, which means that a rogue...

CVE-2023-36327

creationtimestamp| type| source ---|---|--- 2023-09-01 20:15:12+00:00| seen| https://t.me/cibsecurity/69662...

CVE-2023-36327

Integer Overflow vulnerability in RELIC before commit 421f2e91cf2ba42473d4d54daf24e295679e290e, allows attackers to execute arbitrary code and cause a denial of service in pos argument in bngetprime function...

CVE-2023-36327

CVE-2023-36327 concerns the RELIC cryptography toolkit. The issue is an integer overflow in the function bn_get_prime for RELIC versions prior to commit 421f2e91cf2ba42473d4d54daf24e295679e290e. This vulnerability can allow an attacker to execute arbitrary code and cause a denial of service via t...

CVE-2022-36327

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability that could allow an attacker to write files to locations with certain critical filesystem types leading to remote code execution was discovered in Western Digital My Cloud Home, My Cloud Home Duo, SanDisk i...

CVE-2022-36327 Path traversal vulnerability leading to an arbitrary file write in Western Digital devices

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability that could allow an attacker to write files to locations with certain critical filesystem types leading to remote code execution was discovered in Western Digital My Cloud Home, My Cloud Home Duo, SanDisk i...

CVE-2022-36327

CVE-2022-36327 corresponds to a path traversal vulnerability in Western Digital My Cloud Home, My Cloud Home Duo, SanDisk ibi, and Western Digital My Cloud OS 5. The issue allows an attacker to write files to restricted filesystem locations, enabling remote code execution, and requires an authent...

CentOS 8 : ruby:2.5 (CESA-2022:0545)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2022:0545 advisory. - rubygem-bundler: Dependencies of gems with explicit source may be installed from a different source CVE-2020-36327 Note that Nessus has not tested for this...

Important: Red Hat Security Advisory: rh-ruby26-ruby security, bug fix, and enhancement update

An update for rh-ruby26-ruby is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabili...