Bundler - Bundler CVE

Filtered by vendor Bundler Subscribe

Filtered by product Bundler

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2016-7954	1 Bundler	1 Bundler	2019-07-02	7.5 HIGH	9.8 CRITICAL
Bundler 1.x might allow remote attackers to inject arbitrary Ruby code into an application by leveraging a gem name collision on a secondary source. NOTE: this might overlap CVE-2013-0334.

Vulnerabilities (CVE)