A vulnerability was found in Bundler up to 2.2.32. It has been declared as critical. This vulnerability affects an unknown code of the component Gemfile Handler. Upgrading to version 2.2.33 eliminates this vulnerability. Applying the patch 0fad1ccfe9dd7a3c5b82c1496df3c2b4842870d3 is able to eliminate this problem. The bugfix is ready for download at github.com. The best possible mitigation is suggested to be upgrading to the latest version.
Bundler up to 2.2.32 Gemfile argument injection
Description The Texercise package in PyPI v0.0.1 to v0.0.12 was discovered to contain a code execution backdoor. This vulnerability allows
Description Prison Management System v1.0 was discovered to contain a SQL injection vulnerability via the ‘id’ parameter at /pms/admin/prisons/view_prison.php:4 References
Description A vulnerability in the logging component of Cisco Adaptive Security Device Manager (ASDM) could allow an authenticated, local attacker