Information on source package bundler

Available versions

ReleaseVersion
jessie1.7.4-1
stretch1.13.6-2
buster1.17.3-3+deb10u1

Open issues

BugjessiestretchbusterDescription
CVE-2020-36327vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)Bundler 1.16.0 through 2.2.9 and 2.2.11 through 2.2.16 sometimes choos ...
CVE-2019-3881fixedvulnerable (no DSA)fixedBundler prior to 2.1.0 uses a predictable path in /tmp/, created with ...
CVE-2016-7954vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)Bundler 1.x might allow remote attackers to inject arbitrary Ruby code ...

Resolved issues

BugDescription
CVE-2013-0334Bundler before 1.7, when multiple top-level source lines are used, all ...

Search for package or bug name: Reporting problems