{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2019-3881", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "dateUpdated": "2024-08-04T19:19:18.600Z", "dateReserved": "2019-01-03T00:00:00", "datePublished": "2020-09-04T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2022-10-07T00:00:00"}, "descriptions": [{"lang": "en", "value": "Bundler prior to 2.1.0 uses a predictable path in /tmp/, created with insecure permissions as a storage location for gems, if locations under the user's home directory are not available. If Bundler is used in a scenario where the user does not have a writable home directory, an attacker could place malicious code in this directory that would be later loaded and executed."}], "affected": [{"vendor": "n/a", "product": "rubygem-bundler", "versions": [{"version": "bundler versions before 2.1.0", "status": "affected"}]}], "references": [{"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1651826"}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-427", "cweId": "CWE-427"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T19:19:18.600Z"}, "title": "CVE Program Container", "references": [{"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1651826", "tags": ["x_transferred"]}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:bundler:bundler:*:*:*:*:*:ruby:*:*", "matchCriteriaId": "AA38E451-BFAE-4332-8320-2DFBED02F849", "versionEndExcluding": "2.1.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Bundler prior to 2.1.0 uses a predictable path in /tmp/, created with insecure permissions as a storage location for gems, if locations under the user's home directory are not available. If Bundler is used in a scenario where the user does not have a writable home directory, an attacker could place malicious code in this directory that would be later loaded and executed."}, {"lang": "es", "value": "Bundler versiones anteriores a 2.1.0, usa una ruta predecible en /tmp/, creada con permisos no seguros como una ubicaci\u00f3n de almacenamiento para gemas, si las ubicaciones en el directorio de inicio del usuario no est\u00e1n disponibles. Si Bundler es usado en un escenario donde el usuario no posee un directorio de inicio de escritura, un atacante podr\u00eda colocar un c\u00f3digo malicioso en este directorio que luego podr\u00eda ser cargado y ejecutado"}], "id": "CVE-2019-3881", "lastModified": "2022-11-08T19:50:01.037", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.4, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-09-04T12:15:10.387", "references": [{"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1651826"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-427"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-427"}], "source": "secalert@redhat.com", "type": "Secondary"}]}

{"acknowledgement": "This issue was discovered by Luk\u00e1\u0161 Zapletal (Red Hat).", "affected_release": [{"advisory": "RHSA-2021:2588", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "ruby:2.6-8040020210430142949.522a0ee4", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2021-06-29T00:00:00Z"}, {"advisory": "RHSA-2021:2230", "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7", "package": "rh-ruby26-ruby-0:2.6.7-119.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7", "release_date": "2021-06-03T00:00:00Z"}, {"advisory": "RHSA-2021:2230", "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7", "package": "rh-ruby26-ruby-0:2.6.7-119.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7.7 EUS", "release_date": "2021-06-03T00:00:00Z"}], "bugzilla": {"description": "rubygem-bundler: Insecure permissions on directory in /tmp/ allows for execution of malicious code", "id": "1651826", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1651826"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.7", "cvss3_scoring_vector": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", "status": "verified"}, "cwe": "CWE-427", "details": ["Bundler prior to 2.1.0 uses a predictable path in /tmp/, created with insecure permissions as a storage location for gems, if locations under the user's home directory are not available. If Bundler is used in a scenario where the user does not have a writable home directory, an attacker could place malicious code in this directory that would be later loaded and executed.", "Bundler prior to 2.1.0 uses a predictable path in /tmp/, created with insecure permissions as a storage location for gems, if locations under the user's home directory are not available. If Bundler is used in a scenario where the user does not have a writable home directory, an attacker could place malicious code in this directory that would be later loaded and executed."], "name": "CVE-2019-3881", "package_state": [{"cpe": "cpe:/a:redhat:red_hat_3scale_amp:2", "fix_state": "Affected", "package_name": "backend", "product_name": "Red Hat 3scale API Management Platform 2"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "rubygem-bundler", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Will not fix", "package_name": "ruby:2.5/rubygem-bundler", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/a:redhat:rhel_software_collections:3", "fix_state": "Not affected", "package_name": "rh-ruby23-rubygem-bundler", "product_name": "Red Hat Software Collections"}, {"cpe": "cpe:/a:redhat:rhel_software_collections:3", "fix_state": "Not affected", "package_name": "rh-ruby24-rubygem-bundler", "product_name": "Red Hat Software Collections"}, {"cpe": "cpe:/a:redhat:rhel_software_collections:3", "fix_state": "Will not fix", "package_name": "rh-ruby25-rubygem-bundler", "product_name": "Red Hat Software Collections"}, {"cpe": "cpe:/a:redhat:rhel_software_collections:3", "fix_state": "Not affected", "package_name": "rh-ruby27-ruby", "product_name": "Red Hat Software Collections"}, {"cpe": "cpe:/a:redhat:storage:3", "fix_state": "Not affected", "package_name": "rubygem-bundler", "product_name": "Red Hat Storage 3"}, {"cpe": "cpe:/a:rhel_sam:1", "fix_state": "Not affected", "package_name": "ruby193-rubygem-bundler", "product_name": "Red Hat Subscription Asset Manager"}, {"cpe": "cpe:/a:rhel_sam:1", "fix_state": "Not affected", "package_name": "rubygem-bundler", "product_name": "Red Hat Subscription Asset Manager"}], "public_date": "2018-05-23T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2019-3881\nhttps://nvd.nist.gov/vuln/detail/CVE-2019-3881"], "statement": "The version of rubygem-bundler provided in 'Red Hat Gluster Storage 3' does not contain the vulnerable functionality and is not affected by this vulnerability.", "threat_severity": "Moderate", "upstream_fix": "bundler 2.1.0"}