SUSE-SU-2026:1355-1 Security update for rubygem-bundler

This update for rubygem-bundler fixes the following issues: Updated to version 2.2.34. - CVE-2020-36327: Bundler chooses a dependency source based on the highest gem version number, which means that a rogue gem found at a public source may be chosen bsc1185842 - CVE-2021-43809: rubygem-bundler:...

MiracleLinux 7 : rh-ruby26-ruby-2.6.9-120.el7 (AXSA:2022-3091:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3091:01 advisory. rubygem-bundler: Dependencies of gems with explicit source may be installed from a different source CVE-2020-36327 rubygem-rdoc: Command injection...

GLSA-202408-22 : Bundler: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202408-22 Bundler: Multiple Vulnerabilities Multiple vulnerabilities have been discovered in Bundler. Please review the CVE identifiers referenced below for details. Tenable has extracted the preceding description block directly...

[ASA-202106-14] ruby-bundler: insufficient validation

Arch Linux Security Advisory ASA-202106-14 ========================================== Severity: Medium Date : 2021-06-01 CVE-ID : CVE-2020-36327 Package : ruby-bundler Type : insufficient validation Remote : Yes Link : https://security.archlinux.org/AVG-1891 Summary ======= The package ruby-bundl...