
61 matches found

Tenable Nessus
added 2026/04/16 12:0 a.m., 1 views

SUSE SLED15 / SLES15 Security Update : rubygem-bundler (SUSE-SU-2026:1355-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1355-1 advisory. Updated to version 2.2.34. - CVE-2020-36327: Bundler chooses a dependency source based on the highest gem...

CVSS 9.3, AI score 6, EPSS 0.25071
Exploits 2, References 7

Tenable Nessus
added 2026/01/20 12:0 a.m., 3 views

MiracleLinux 8 : ruby:2.7 (AXSA:2021-2407:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2407:01 advisory. rubygem-bundler: Dependencies of gems with explicit source may be installed from a different source CVE-2020-36327 rubygem-rdoc: Command injection...

CVSS 9.3, AI score 8.6, EPSS 0.25071
Exploits 3, References 5

OpenVAS
added 2025/04/18 12:0 a.m., 6 views

openSUSE Security Advisory (SUSE-SU-2025:1294-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.3, AI score 7.3, EPSS 0.25071
Exploits 1, References 4

OpenVAS
added 2025/04/18 12:0 a.m., 3 views

SUSE: Security Advisory (SUSE-SU-2025:1294-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.3, AI score 7.3, EPSS 0.25071
Exploits 1, References 4

Tenable Nessus
added 2025/04/17 12:0 a.m., 9 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : rubygem-bundler (SUSE-SU-2025:1294-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:1294-1 advisory. - CVE-2020-36327: Fixed bundler choosing a dependency source based on the highest gem version number, whi...

CVSS 9.3, AI score 7.1, EPSS 0.25071
Exploits 1, References 4

SUSE Linux
added 2025/04/16 7:53 a.m., 1 views

Security update for rubygem-bundler

This update for rubygem-bundler fixes the following issues: CVE-2020-36327: Fixed bundler choosing a dependency source based on the highest gem version number, which means that a rogue gem found at a public source may be chosen bsc1185842 Other fixes: - Updated to version 2.2.34 Patch...

CVSS 8.8, AI score 7.3, EPSS 0.25071
Exploits 1, References 4

OSV
added 2025/04/16 7:52 a.m., 6 views

SUSE-SU-2025:1294-1 Security update for rubygem-bundler

This update for rubygem-bundler fixes the following issues: - CVE-2020-36327: Fixed bundler choosing a dependency source based on the highest gem version number, which means that a rogue gem found at a public source may be chosen bsc1185842 Other fixes: - Updated to version 2.2.34...

CVSS 9.3, AI score 7.1, EPSS 0.25071
Exploits 1, References 3

OpenVAS
added 2024/11/04 12:0 a.m., 14 views

SUSE: Security Advisory (SUSE-SU-2024:3873-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.3, AI score 6.3, EPSS 0.01553
Exploits 1, References 4

Tenable Nessus
added 2024/11/02 12:0 a.m., 11 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : rubygem-bundler (SUSE-SU-2024:3873-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:3873-1 advisory. - CVE-2021-43809: Fixed remote execution via Gemfile argument injection bsc1193578 Tenable has extracted...

CVSS 9.3, AI score 7.4, EPSS 0.01553
Exploits 1, References 4

SUSE Linux
added 2024/11/01 3:23 p.m., 1 views

Security update for rubygem-bundler

This update for rubygem-bundler fixes the following issues: CVE-2021-43809: Fixed remote execution via Gemfile argument injection bsc1193578 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you ca...

CVSS 7.3, AI score 6.9, EPSS 0.01553
Exploits 1, References 4

OSV
added 2024/11/01 3:22 p.m., 14 views

SUSE-SU-2024:3873-1 Security update for rubygem-bundler

This update for rubygem-bundler fixes the following issues: - CVE-2021-43809: Fixed remote execution via Gemfile argument injection bsc1193578...

CVSS 9.3, AI score 7.4, EPSS 0.01553
Exploits 1, References 3

OSV
added 2024/09/15 10:31 p.m., 13 views

RHSA-2015:2180 Red Hat Security Advisory: rubygem-bundler and rubygem-thor security, bug fix, and enhancement update

Bulletin has no description...

CVSS 5, AI score 9.3, EPSS 0.00498
Exploits 0, References 11

Oracle linux
added 2024/07/15 12:0 a.m., 51 views

ruby security update

ruby 2.5.9-112 - Fix ReDoS vulnerability - upstream's incomplete fix for CVE-2023-28755. CVE-2023-36617 Resolves: RHEL-5614 - Fix Buffer overread vulnerability in StringIO. CVE-2024-27280 Resolves: RHEL-34125 - Fix RCE vulnerability with .rdocoptions in RDoc. CVE-2024-27281 Resolves: RHEL-34117 -...

CVSS 9.8, AI score 7.3, EPSS 0.0883
Exploits 1

Tenable Nessus
added 2024/06/03 12:0 a.m., 23 views

RHEL 8 : 2.5_rubygem-bundler (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - rubygem-bundler: Insecure permissions on directory in /tmp/ allows for execution of malicious code CVE-2019-3881 No...

CVSS 7.8, AI score 8, EPSS 0.00151
Exploits 0, References 1

Tenable Nessus
added 2024/06/03 12:0 a.m., 13 views

RHEL 6 : rubygem-bundler (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - rubygem-bundler: Code execution via gem name collision in bundler CVE-2016-7954 Note that Nessus has not tested for...

CVSS 9.8, AI score 9.7, EPSS 0.02779
Exploits 1, References 1

Tenable Nessus
added 2024/05/11 12:0 a.m., 15 views

RHEL 6 : rubygem-bundler (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - rubygem-bundler: Code execution via gem name collision in bundler CVE-2016-7954 Note that Nessus has not tested for...

AI score 9.7, EPSS 0.02779
Exploits 1, References 1

Tenable Nessus
added 2024/05/11 12:0 a.m., 24 views

RHEL 8 : rubygem-bundler (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - rubygem-bundler: Insecure permissions on directory in /tmp/ allows for execution of malicious code CVE-2019-3881 No...

AI score 7.2, EPSS 0.00151
Exploits 0, References 1

Tenable Nessus
added 2024/05/11 12:0 a.m., 20 views

RHEL 7 : rubygem-bundler (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - rubygem-bundler: Code execution via gem name collision in bundler CVE-2016-7954 - rubygem-bundler:...

AI score 8.3, EPSS 0.02779
Exploits 2, References 2

Tenable Nessus
added 2022/03/16 12:0 a.m., 43 views

CentOS 8 : ruby:2.5 (CESA-2022:0545)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2022:0545 advisory. - rubygem-bundler: Dependencies of gems with explicit source may be installed from a different source CVE-2020-36327 Note that Nessus has not tested for this...

CVSS 9.3, AI score 7.1, EPSS 0.25071
Exploits 1, References 2

RedHat Linux
added 2022/02/28 7:0 p.m., 86 views

Important: Red Hat Security Advisory: rh-ruby26-ruby security, bug fix, and enhancement update

An update for rh-ruby26-ruby is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabili...

CVSS 9.3, AI score 6.6, EPSS 0.25071
Exploits 5, References 8