Lucene search
K

10 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2016-7954

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bundler 1.x might allow remote attackers to inject arbitrary Ruby code into an application by leveraging a gem name collision on a secondary source. NOTE: this...

9.8CVSS8.5AI score0.07541EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.13 views

RHEL 6 : rubygem-bundler (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - rubygem-bundler: Code execution via gem name collision in bundler CVE-2016-7954 Note that Nessus has not tested for...

9.8CVSS9.7AI score0.07541EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.16 views

RHEL 6 : rubygem-bundler (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - rubygem-bundler: Code execution via gem name collision in bundler CVE-2016-7954 Note that Nessus has not tested for...

9.7AI score0.07541EPSS
Exploits1References1
OSV
OSV
added 2016/12/22 10:59 p.m.8 views

CVE-2016-7954

Bundler 1.x might allow remote attackers to inject arbitrary Ruby code into an application by leveraging a gem name collision on a secondary source. NOTE: this might overlap CVE-2013-0334...

9.8CVSS9.4AI score
Exploits0References8
NVD
NVD
added 2016/12/22 10:59 p.m.17 views

CVE-2016-7954

Bundler 1.x might allow remote attackers to inject arbitrary Ruby code into an application by leveraging a gem name collision on a secondary source. NOTE: this might overlap CVE-2013-0334...

9.8CVSS9.5AI score0.07541EPSS
Exploits1References8
UbuntuCve
UbuntuCve
added 2016/12/22 10:59 p.m.32 views

CVE-2016-7954

Bundler 1.x might allow remote attackers to inject arbitrary Ruby code into an application by leveraging a gem name collision on a secondary source. NOTE: this might overlap CVE-2013-0334...

9.8CVSS7.4AI score0.07541EPSS
Exploits1References3
Cvelist
Cvelist
added 2016/12/22 10:0 p.m.30 views

CVE-2016-7954

Bundler 1.x might allow remote attackers to inject arbitrary Ruby code into an application by leveraging a gem name collision on a secondary source. NOTE: this might overlap CVE-2013-0334...

9.4AI score0.07541EPSS
Exploits1References8
CVE
CVE
added 2016/12/22 10:0 p.m.75 views

CVE-2016-7954

CVE-2016-7954 affects Bundler 1.x, where a gem name collision on a secondary source can enable remote code execution in a Ruby application. The issue arises from multiple top-level source lines allowing a malicious gem with the same name as a legitimate gem to be pulled from a different source, a...

9.8CVSS9.2AI score0.07541EPSS
Exploits1References8Affected Software1
Debian CVE
Debian CVE
added 2016/12/22 10:0 p.m.20 views

CVE-2016-7954

Removed by vendor...

9.8CVSS9.4AI score0.07541EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2016/10/05 12:47 p.m.32 views

CVE-2016-7954

Bundler 1.x might allow remote attackers to inject arbitrary Ruby code into an application by leveraging a gem name collision on a secondary source. NOTE: this might overlap CVE-2013-0334...

9.8CVSS9AI score0.07541EPSS
Exploits1References2
Rows per page
Query Builder