Vulnerability Database
Blog
FAQ
Docs
RHSA-2022:0547
See a problem?
Please try reporting it
to the source
first.
Source
https://access.redhat.com/errata/RHSA-2022:0547
Import Source
https://security.access.redhat.com/data/osv/RHSA-2022:0547.json
JSON Data
https://api.osv.dev/v1/vulns/RHSA-2022:0547
Related
CVE-2020-36327
Published
2024-09-13T15:45:44Z
Modified
2024-09-13T15:45:44Z
Severity
8.8 (High)
CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVSS Calculator
Summary
Red Hat Security Advisory: ruby:2.5 security update
Details
References
https://access.redhat.com/errata/RHSA-2022:0547
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/articles/6206172
https://bugzilla.redhat.com/show_bug.cgi?id=1958999
https://access.redhat.com/security/data/csaf/v2/advisories/2022/rhsa-2022_0547.json
https://access.redhat.com/security/cve/CVE-2020-36327
https://www.cve.org/CVERecord?id=CVE-2020-36327
https://nvd.nist.gov/vuln/detail/CVE-2020-36327
https://www.zofrex.com/blog/2021/04/29/bundler-still-vulnerable-dependency-confusion-cve-2020-36327/
Affected packages
Red Hat:rhel_eus:8.2::appstream
/
rubygem-bundler
Package
Name
rubygem-bundler
Purl
pkg:rpm/redhat/rubygem-bundler
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:1.16.1-4.module+el8.2.0+14084+4fedcad5
Red Hat:rhel_eus:8.2::appstream
/
rubygem-bundler-doc
Package
Name
rubygem-bundler-doc
Purl
pkg:rpm/redhat/rubygem-bundler-doc
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:1.16.1-4.module+el8.2.0+14084+4fedcad5
RHSA-2022:0547 - OSV