Lucene search
K

23 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2019-3881

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bundler prior to 2.1.0 uses a predictable path in /tmp/, created with insecure permissions as a storage location for gems, if locations under the user's home...

7.8CVSS7.2AI score0.00529EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.24 views

RHEL 8 : 2.5_rubygem-bundler (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - rubygem-bundler: Insecure permissions on directory in /tmp/ allows for execution of malicious code CVE-2019-3881 No...

7.8CVSS8AI score0.00529EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.25 views

RHEL 8 : rubygem-bundler (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - rubygem-bundler: Insecure permissions on directory in /tmp/ allows for execution of malicious code CVE-2019-3881 No...

7.2AI score0.00529EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2023/10/16 12:0 a.m.33 views

Ubuntu 18.04 ESM : Bundler vulnerability (USN-4870-1)

The remote Ubuntu 18.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-4870-1 advisory. It was discovered that Bundler incorrectly created directories with insecure permissions in /tmp. An attacker could write malicious libraries to this location for...

7.8CVSS7.2AI score0.00529EPSS
Exploits0References2
OSV
OSV
added 2021/11/05 11:3 a.m.5 views

OESA-2021-1419 rubygem-bundler security update

Bundler manages an application's dependencies through its entire life, across many machines, systematically and repeatably. Security Fixes: Bundler prior to 2.1.0 uses a predictable path in /tmp/, created with insecure permissions as a storage location for gems, if locations under the user's home...

7.8CVSS7AI score0.00529EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/07/22 12:0 a.m.33 views

Photon OS 4.0: Rubygem PHSA-2021-4.0-0060

An update of the rubygem package has been released. C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2021-4.0-0060. The text itself is copyright C VMware, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if...

9.3CVSS7.9AI score0.06307EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.14 views

SUSE: Security Advisory (SUSE-SU-2020:1582-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.9AI score0.00529EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2021/01/07 12:0 a.m.50 views

Gitlab -- multiple vulnerabilities

Gitlab reports: Ability to steal a user's API access token through GitLab Pages Prometheus denial of service via HTTP request with custom method Unauthorized user is able to access private repository information under specific conditions Regular expression denial of service in NuGet API Regular...

7.8CVSS1.5AI score0.01529EPSS
Exploits0References1
Circl
Circl
added 2020/09/04 4:55 p.m.5 views

CVE-2019-3881

creationtimestamp| type| source ---|---|--- 2020-09-04 16:55:36+00:00| seen| https://t.me/cibsecurity/14482...

7.8CVSS6.5AI score0.00529EPSS
Exploits0References1
OSV
OSV
added 2020/09/04 12:15 p.m.28 views

CVE-2019-3881

Bundler prior to 2.1.0 uses a predictable path in /tmp/, created with insecure permissions as a storage location for gems, if locations under the user's home directory are not available. If Bundler is used in a scenario where the user does not have a writable home directory, an attacker could pla...

7.8CVSS6.6AI score0.00529EPSS
Exploits0References1
CVE
CVE
added 2020/09/04 12:0 a.m.322 views

CVE-2019-3881

CVE-2019-3881 affects Bundler prior to 2.1.0. The issue stems from an insecure, predictable temporary directory path in /tmp/ used to store gems when the user’s home directory is not writable. An attacker with local access could place a malicious file in this directory, which could later be loade...

7.8CVSS7.4AI score0.00529EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2020/07/20 12:0 a.m.33 views

openSUSE Security Update : rubygem-bundler (openSUSE-2020-803)

This update for rubygem-bundler fixes the following issue : - CVE-2019-3881: Fixed insecure permissions on a directory in /tmp/ that allowed malicious code execution bsc1143436. This update was imported from the SUSE:SLE-15:Update update project. C Tenable Network Security, Inc. The descriptive...

7.8CVSS7.2AI score0.00529EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2020/07/20 12:0 a.m.38 views

openSUSE Security Update : rubygem-bundler (openSUSE-2020-861)

This update for rubygem-bundler fixes the following issue : - CVE-2019-3881: Fixed insecure permissions on a directory in /tmp/ that allowed malicious code execution bsc1143436. This update was imported from the SUSE:SLE-15:Update update project. C Tenable Network Security, Inc. The descriptive...

7.8CVSS7.2AI score0.00529EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2020/07/16 12:0 a.m.48 views

SUSE SLED15 / SLES15 Security Update : rubygem-bundler (SUSE-SU-2020:1582-2)

This update for rubygem-bundler fixes the following issue : CVE-2019-3881: Fixed insecure permissions on a directory in /tmp/ that allowed malicious code execution bsc1143436. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory...

7.8CVSS7.7AI score0.00529EPSS
Exploits0References4
OSV
OSV
added 2020/07/15 8:57 a.m.6 views

SUSE-SU-2020:1582-2 Security update for rubygem-bundler

This update for rubygem-bundler fixes the following issue: - CVE-2019-3881: Fixed insecure permissions on a directory in /tmp/ that allowed malicious code execution bsc1143436...

7.8CVSS8AI score0.00529EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2020/06/25 12:0 a.m.23 views

openSUSE: Security Advisory for rubygem-bundler (openSUSE-SU-2020:0861-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.8CVSS7.8AI score0.00529EPSS
Exploits0References2
OPENSUSE Linux
OPENSUSE Linux
added 2020/06/25 12:0 a.m.51 views

Security update for rubygem-bundler (moderate)

openSUSE Security Update: Security update for rubygem-bundler Announcement ID: openSUSE-SU-2020:0861-1 Rating: moderate References: 1143436 Cross-References: CVE-2019-3881 Affected Products: openSUSE Leap 15.2 An update that fixes one vulnerability is now available. Description: This update for...

7.8CVSS6.7AI score0.00529EPSS
Exploits0References1
OSV
OSV
added 2020/06/24 4:42 p.m.7 views

OPENSUSE-SU-2020:0861-1 Security update for rubygem-bundler

This update for rubygem-bundler fixes the following issue: - CVE-2019-3881: Fixed insecure permissions on a directory in /tmp/ that allowed malicious code execution bsc1143436. This update was imported from the SUSE:SLE-15:Update update project...

7.8CVSS7.8AI score0.00529EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2020/06/18 12:0 a.m.33 views

SUSE SLED15 / SLES15 Security Update : rubygem-bundler (SUSE-SU-2020:1582-1)

This update for rubygem-bundler fixes the following issue : CVE-2019-3881: Fixed insecure permissions on a directory in /tmp/ that allowed malicious code execution bsc1143436. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory...

7.8CVSS7.7AI score0.00529EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2020/06/14 12:0 a.m.23 views

openSUSE: Security Advisory for rubygem-bundler (openSUSE-SU-2020:0803-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.8CVSS7.8AI score0.00529EPSS
Exploits0References2
Rows per page
Query Builder