Package impact
RubyGems / bundler
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-7954 | critical | 9.8 | 9.8 | 10y ago | Bundler allows attacker to inject arbitrary code via secondary Gem source | |||
| CVE-2020-36327 | high | — | 8.0 | 6y ago | Important: ruby:2.5 security update |