SUSE CVE-2016-7954

Bundler 1.x might allow remote attackers to inject arbitrary Ruby code into an application by leveraging a gem name collision on a secondary source. NOTE: this might overlap CVE-2013-0334...

CVE-2016-7954

Bundler 1.x might allow remote attackers to inject arbitrary Ruby code into an application by leveraging a gem name collision on a secondary source. NOTE: this might overlap CVE-2013-0334...

UBUNTU-CVE-2016-7954

Bundler 1.x might allow remote attackers to inject arbitrary Ruby code into an application by leveraging a gem name collision on a secondary source. NOTE: this might overlap CVE-2013-0334...

CVE-2016-7954

Removed by vendor...

CVE-2016-7954

Bundler 1.x might allow remote attackers to inject arbitrary Ruby code into an application by leveraging a gem name collision on a secondary source. NOTE: this might overlap CVE-2013-0334...

Allows an attacker to inject arbitrary code into your application via any secondary Gem source declared in your Gemfile

Bundler 1.x might allow remote attackers to inject arbitrary Ruby code into an application by leveraging a Gem name collision on a secondary source. Please note that this vulnerability only applies for Ruby projects using Bundler 2.0 with Gemfiles having 2 or more "source" lines. In other words, ...