rpm package
suse/rubygem-bundler&distro=SUSE Linux Enterprise Module for Basesystem 15 SP1
pkg:rpm/suse/rubygem-bundler&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP1
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-3881 | Hig | 7.8 | < 1.16.1-3.3.1 | 1.16.1-3.3.1 | Sep 4, 2020 | Bundler prior to 2.1.0 uses a predictable path in /tmp/, created with insecure permissions as a storage location for gems, if locations under the user's home directory are not available. If Bundler is used in a scenario where the user does not have a writable home directory, an a |
- affected < 1.16.1-3.3.1fixed 1.16.1-3.3.1
Bundler prior to 2.1.0 uses a predictable path in /tmp/, created with insecure permissions as a storage location for gems, if locations under the user's home directory are not available. If Bundler is used in a scenario where the user does not have a writable home directory, an a