{"id":"RHSA-2015:2180","summary":"Red Hat Security Advisory: rubygem-bundler and rubygem-thor security, bug fix, and enhancement update","modified":"2025-11-22T11:05:08Z","published":"2024-09-15T22:31:02Z","upstream":["CVE-2013-0334"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2015:2180"},{"type":"ARTICLE","url":"https://access.redhat.com/security/updates/classification/#moderate"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1146335"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1163076"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1194243"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1209921"},{"type":"ADVISORY","url":"https://security.access.redhat.com/data/csaf/v2/advisories/2015/rhsa-2015_2180.json"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2013-0334"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2013-0334"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2013-0334"},{"type":"ARTICLE","url":"http://bundler.io/blog/2014/08/14/bundler-may-install-gems-from-a-different-source-than-expected-cve-2013-0334.html"}],"affected":[{"package":{"name":"rubygem-bundler","ecosystem":"Red Hat:enterprise_linux:7::client","purl":"pkg:rpm/redhat/rubygem-bundler"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.7.8-3.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2015:2180.json"}},{"package":{"name":"rubygem-bundler-doc","ecosystem":"Red Hat:enterprise_linux:7::client","purl":"pkg:rpm/redhat/rubygem-bundler-doc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.7.8-3.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2015:2180.json"}},{"package":{"name":"rubygem-thor","ecosystem":"Red Hat:enterprise_linux:7::client","purl":"pkg:rpm/redhat/rubygem-thor"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.19.1-1.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2015:2180.json"}},{"package":{"name":"rubygem-thor-doc","ecosystem":"Red Hat:enterprise_linux:7::client","purl":"pkg:rpm/redhat/rubygem-thor-doc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.19.1-1.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2015:2180.json"}},{"package":{"name":"rubygem-bundler","ecosystem":"Red Hat:enterprise_linux:7::computenode","purl":"pkg:rpm/redhat/rubygem-bundler"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.7.8-3.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2015:2180.json"}},{"package":{"name":"rubygem-bundler-doc","ecosystem":"Red Hat:enterprise_linux:7::computenode","purl":"pkg:rpm/redhat/rubygem-bundler-doc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.7.8-3.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2015:2180.json"}},{"package":{"name":"rubygem-thor","ecosystem":"Red Hat:enterprise_linux:7::computenode","purl":"pkg:rpm/redhat/rubygem-thor"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.19.1-1.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2015:2180.json"}},{"package":{"name":"rubygem-thor-doc","ecosystem":"Red Hat:enterprise_linux:7::computenode","purl":"pkg:rpm/redhat/rubygem-thor-doc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.19.1-1.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2015:2180.json"}},{"package":{"name":"rubygem-bundler","ecosystem":"Red Hat:enterprise_linux:7::server","purl":"pkg:rpm/redhat/rubygem-bundler"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.7.8-3.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2015:2180.json"}},{"package":{"name":"rubygem-bundler-doc","ecosystem":"Red Hat:enterprise_linux:7::server","purl":"pkg:rpm/redhat/rubygem-bundler-doc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.7.8-3.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2015:2180.json"}},{"package":{"name":"rubygem-thor","ecosystem":"Red Hat:enterprise_linux:7::server","purl":"pkg:rpm/redhat/rubygem-thor"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.19.1-1.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2015:2180.json"}},{"package":{"name":"rubygem-thor-doc","ecosystem":"Red Hat:enterprise_linux:7::server","purl":"pkg:rpm/redhat/rubygem-thor-doc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.19.1-1.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2015:2180.json"}},{"package":{"name":"rubygem-bundler","ecosystem":"Red Hat:enterprise_linux:7::workstation","purl":"pkg:rpm/redhat/rubygem-bundler"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.7.8-3.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2015:2180.json"}},{"package":{"name":"rubygem-bundler-doc","ecosystem":"Red Hat:enterprise_linux:7::workstation","purl":"pkg:rpm/redhat/rubygem-bundler-doc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.7.8-3.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2015:2180.json"}},{"package":{"name":"rubygem-thor","ecosystem":"Red Hat:enterprise_linux:7::workstation","purl":"pkg:rpm/redhat/rubygem-thor"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.19.1-1.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2015:2180.json"}},{"package":{"name":"rubygem-thor-doc","ecosystem":"Red Hat:enterprise_linux:7::workstation","purl":"pkg:rpm/redhat/rubygem-thor-doc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.19.1-1.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2015:2180.json"}}],"schema_version":"1.7.3"}