5 matches found
EUVD-2018-0484
Malware in sbrugna...
rubygem-bundler: Dependencies of gems with explicit source may be installed from a different source
A flaw was found in the way Bundler determined the source repository when installing dependencies of source-restricted gem packages. In configurations that use multiple gem repositories and explicitly define from which source repository certain gems are to be installed, a dependency of a...
rubygem-bundler: Dependencies of gems with explicit source may be installed from a different source
A flaw was found in the way Bundler determined the source repository when installing dependencies of source-restricted gem packages. In configurations that use multiple gem repositories and explicitly define from which source repository certain gems are to be installed, a dependency of a...
rubygem-bundler: Dependencies of gems with explicit source may be installed from a different source
A flaw was found in the way Bundler determined the source repository when installing dependencies of source-restricted gem packages. In configurations that use multiple gem repositories and explicitly define from which source repository certain gems are to be installed, a dependency of a...
rubygem-bundler: 'bundle install' may install a gem from a source other than expected
A flaw was found in the way Bundler handled gems available from multiple sources. An attacker with access to one of the sources could create a malicious gem with the same name, which they could then use to trick a user into installing, potentially resulting in execution of code from the...