Package impact
RubyGems / bundler
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-7954 | critical | 9.8 | 9.8 | 10y ago | Bundler allows attacker to inject arbitrary code via secondary Gem source | |||
| CVE-2020-36327 | high | — | 8.0 | 6y ago | RHSA-2021:3020: ruby:2.7 security update (Important) |