VYPR

rpm package

suse/rubygem-bundler&distro=SUSE Linux Enterprise Module for Basesystem 15 SP1

pkg:rpm/suse/rubygem-bundler&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP1

Vulnerabilities (1)

  • CVE-2019-3881HigSep 4, 2020
    affected < 1.16.1-3.3.1fixed 1.16.1-3.3.1

    Bundler prior to 2.1.0 uses a predictable path in /tmp/, created with insecure permissions as a storage location for gems, if locations under the user's home directory are not available. If Bundler is used in a scenario where the user does not have a writable home directory, an a