22 matches found
CVE-2025-43809
creationtimestamp| type| source ---|---|--- 2025-09-19 22:22:41+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lz7voac2pl2g...
com.liferay.maven.plugins:liferay-maven-plugin (>=6.0.2 <=6.0.6), com.liferay.portal:util-taglib (>=6.0.2 <=6.0.6) +3 more potentially affected by CVE-2025-43809 via com.liferay.portal:portal-impl (>=6.0.2 <=6.0.6)
com.liferay.portal:portal-impl MAVEN version =6.0.2, =6.0.2, =6.0.2, =2.4, =1.0, =2.0, =2.5 Source cves: CVE-2025-43809 Source advisory: SNYK:JAVA-COMLIFERAYPORTAL-13003719...
RLSA-2025:7539 Moderate: ruby:2.5 security update
Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fixes: oniguruma: integer overflow in searchinrange function in regexec.c leads to out-of-bounds read CVE-2019-19012 rubygem-bundler:...
Debian: Security Advisory (DLA-4163-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2024:3873-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : rubygem-bundler (SUSE-SU-2024:3873-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:3873-1 advisory. - CVE-2021-43809: Fixed remote execution via Gemfile argument injection bsc1193578 Tenable has extracted...
openSUSE Security Advisory (SUSE-SU-2024:3873-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security update for rubygem-bundler
This update for rubygem-bundler fixes the following issues: CVE-2021-43809: Fixed remote execution via Gemfile argument injection bsc1193578 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you ca...
SUSE-SU-2024:3873-1 Security update for rubygem-bundler
This update for rubygem-bundler fixes the following issues: - CVE-2021-43809: Fixed remote execution via Gemfile argument injection bsc1193578...
CVE-2024-43809
creationtimestamp| type| source ---|---|--- 2024-08-16 17:54:06+00:00| seen| https://t.me/cvedetector/3345...
CVE-2023-43809
creationtimestamp| type| source ---|---|--- 2023-10-05 00:13:40+00:00| seen| https://t.me/cibsecurity/71645...
CVE-2023-43809 Soft Serve Public Key Authentication Bypass Vulnerability when Keyboard-Interactive SSH Authentication is Enabled
Soft Serve is a self-hostable Git server for the command line. Prior to version 0.6.2, a security vulnerability in Soft Serve could allow an unauthenticated, remote attacker to bypass public key authentication when keyboard-interactive SSH authentication is active, through the allow-keyless...
CVE-2023-43809
CVE-2023-43809 affects Soft Serve (Git server) prior to v0.6.2. The vulnerability stems from insufficient validation of the public-key step during the SSH handshake when keyboard-interactive authentication is enabled, allowing an unauthenticated, remote attacker to bypass public-key authenticatio...
CVE-2022-43809
creationtimestamp| type| source ---|---|--- 2023-01-01 07:15:41+00:00| seen| https://t.me/cibsecurity/55693...
Mageia: Security Advisory (MGASA-2022-0102)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated ruby packages fix security vulnerability
Command injection in ruby bundler. CVE-2021-43809...
MGASA-2022-0102 Updated ruby packages fix security vulnerability
Command injection in ruby bundler. CVE-2021-43809...
CVE-2021-43809
Bundler is a package for managing application dependencies in Ruby. In bundler versions before 2.2.33, when working with untrusted and apparently harmless Gemfile's, it is not expected that they lead to execution of external code, unless that's explicit in the ruby code inside the Gemfile itself...
CVE-2021-43809
creationtimestamp| type| source ---|---|--- 2021-12-08 22:22:54+00:00| seen| https://t.me/cibsecurity/33635...
BELL-CVE-2021-43809 CVE-2021-43809 does not affect BellSoft software
Bulletin has no description...