Lucene search
K

4 matches found

SUSE Linux
SUSE Linux
added 2026/04/15 1:37 p.m.2 views

Security update for rubygem-bundler

This update for rubygem-bundler fixes the following issues: Updated to version 2.2.34. CVE-2020-36327: Bundler chooses a dependency source based on the highest gem version number, which means that a rogue gem found at a public source may be chosen bsc1185842 CVE-2021-43809: rubygem-bundler: remot...

8.8CVSS6AI score0.06307EPSS
Exploits2References8
OSV
OSV
added 2026/03/31 3:15 a.m.4 views

DEBIAN-CVE-2026-34060

Ruby LSP is an implementation of the language server protocol for Ruby. Prior to Shopify.ruby-lsp version 0.10.2 and ruby-lsp version 0.26.9, the rubyLsp.branch VS Code workspace setting was interpolated without sanitization into a generated Gemfile, allowing arbitrary Ruby code execution when a...

7.1CVSS6.2AI score0.00479EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/31 1:59 a.m.24 views

CVE-2026-34060 Ruby LSP has arbitrary code execution through branch setting

Ruby LSP is an implementation of the language server protocol for Ruby. Prior to Shopify.ruby-lsp version 0.10.2 and ruby-lsp version 0.26.9, the rubyLsp.branch VS Code workspace setting was interpolated without sanitization into a generated Gemfile, allowing arbitrary Ruby code execution when a...

7.1CVSS0.00479EPSS
Exploits0References2
SUSE Linux
SUSE Linux
added 2024/11/01 3:23 p.m.3 views

Security update for rubygem-bundler

This update for rubygem-bundler fixes the following issues: CVE-2021-43809: Fixed remote execution via Gemfile argument injection bsc1193578 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you ca...

7.3CVSS6.9AI score0.02796EPSS
Exploits1References4
Rows per page
Query Builder