Sha256: dba3a475f997d9968fd0930f4551d9bdc202259ecb9ae955b24b0c099c76e3cb
Contents?: true
Size: 548 Bytes
Versions: 1
Compression:
Stored size: 548 Bytes
Contents
--- gem: bundler cve: 2013-0334 osvdb: 110004 url: https://nvd.nist.gov/vuln/detail/CVE-2013-0334 title: Bundler Gem for Ruby Multiple Top-level Source Lines Gemfile Handling Gem Installation Spoofing date: 2014-08-13 description: | Bundler Gem for Ruby contains a flaw that is triggered when handling a gemfile that contains multiple top-level source lines. This may allow a context-dependent attacker to install specially crafted gems on a remote system, leading to arbitrary code execution. cvss_v2: 5.0 patched_versions: - ">= 1.7.0"
Version data entries
1 entries across 1 versions & 1 rubygems
| Version | Path |
|---|---|
| bundler-audit-0.7.0.1 | data/ruby-advisory-db/gems/bundler/CVE-2013-0334.yml |