{"id":"MGASA-2022-0102","summary":"Updated ruby packages fix security vulnerability","details":"Command injection in ruby bundler. (CVE-2021-43809)\n","modified":"2026-01-31T00:39:15.610901Z","published":"2022-03-14T16:51:52Z","related":["CVE-2021-43809"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2022-0102.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=30162"},{"type":"REPORT","url":"https://blog.sonarsource.com/securing-developer-tools-package-managers"}],"affected":[{"package":{"name":"ruby","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/ruby?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.7.5-33.3.mga8"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2022-0102.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}