VYPR

RubyGems package

message_bus

pkg:gem/message_bus

Vulnerabilities (1)

  • CVE-2021-43840MedDec 17, 2021
    affected < 3.3.7fixed 3.3.7

    message_bus is a messaging bus for Ruby processes and web clients. In versions prior to 3.3.7 users who deployed message bus with diagnostics features enabled (default off) are vulnerable to a path traversal bug, which could lead to disclosure of secret information on a machine i