PT-2019-5544 · Ruby · Bundler

Published 2019-07-30 · Updated 2025-09-29 · CVE-2019-3881

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions

Bundler versions prior to 2.1.0

Description

When the user's home directory is missing or not writable, Bundler versions prior to 2.1.0 fall back to a predictable path under /tmp/, created with insecure permissions, as the storage location for gems and Bundler's own files. Because the path is guessable and the directory is shared with every local user, an attacker with an account on the same host can pre-create that location or place malicious code in it before the victim runs Bundler; that code is later loaded and executed with the victim's privileges. The condition is realistic for service accounts, CI runners and containers that run with a read-only or non-existent home directory.

Recommendations

Update Bundler to version 2.1.0 or later, which no longer uses a fixed path under /tmp/. Until the update is applied, ensure the account running Bundler has a writable home directory (for example by setting HOME to a private, user-owned directory) so the /tmp/ fallback is never taken; where Bundler must run as a service, give it a private temp directory (TMPDIR pointing at a user-owned directory with mode 0700, or systemd's PrivateTmp) rather than the shared /tmp/. Restricting access to /tmp/ itself is rarely practical, since it is world-writable by design on most systems.
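The following Ruby example is added here to illustrate the advisory; it is not Bundler's source code. It contrasts the vulnerable pattern (a fixed, guessable path under the system temp directory, made world-writable) with the hardened one (a fresh, randomly named directory created mode 0700 by `Dir.mktmpdir`), and adds the ownership and permission check a practitioner would run before trusting any directory as a gem or home location. The `<tmpdir>/bundler/home/<login>` layout and the function names `predictable_tmp_home`, `private_tmp_home` and `unsafe_reason` are assumptions made for the illustration.

```ruby
require "tmpdir"
require "fileutils"
require "pathname"

# Vulnerable pattern (illustrative reconstruction, not Bundler's exact source):
# when $HOME is unusable, fall back to a fixed, guessable path under the system
# temp dir and make it world-writable. Any local user can pre-create
# <tmpdir>/bundler/home/<login> (assumed layout) or drop files into it before
# the victim ever runs Bundler.
def predictable_tmp_home(login, tmpdir = Dir.tmpdir)
  parent = Pathname.new(tmpdir).join("bundler", "home")
  unless parent.exist?
    parent.mkpath
    parent.chmod(0o777)           # insecure: writable by every local user
  end
  parent.join(login)              # same path every run, e.g. /tmp/bundler/home/alice
end

# Hardened pattern: a fresh directory with a random name, created mode 0700 by
# Dir.mktmpdir, so no other local user can predict it, pre-create it, or write
# into it.
def private_tmp_home(tmpdir = Dir.tmpdir)
  Pathname.new(Dir.mktmpdir("bundler-home-", tmpdir))
end

# Defensive check before trusting a directory as a gem or home location: it must
# exist, be a real directory (not a symlink), be owned by the current user, and
# not be writable by group or others. Returns a reason string when the directory
# is unsafe, nil when it is acceptable.
def unsafe_reason(path)
  st = File.lstat(path.to_s)
  return "is a symlink" if st.symlink?
  return "is not a directory" unless st.directory?
  return "owned by uid #{st.uid}, not #{Process.uid}" if st.uid != Process.uid
  return format("writable by group/others (mode %o)", st.mode & 0o777) if (st.mode & 0o022) != 0
  nil
rescue Errno::ENOENT
  "does not exist"
end

if $PROGRAM_NAME == __FILE__
  # Demonstration inside a throwaway sandbox so nothing is left in the real /tmp.
  Dir.mktmpdir do |sandbox|
    weak = predictable_tmp_home("alice", sandbox)
    puts "predictable: #{weak} -> parent #{unsafe_reason(weak.dirname)}"
    strong = private_tmp_home(sandbox)
    puts "private:     #{strong} -> #{unsafe_reason(strong) || 'ok'}"
  end
end
```

Run it directly to see the two outcomes side by side: the predictable path is identical on every run and its parent is flagged as group/other-writable, while the `Dir.mktmpdir` path differs each time and passes the check. The same `unsafe_reason` check is worth running on any directory taken from `HOME`, `TMPDIR` or a `BUNDLE_*` variable before gems are installed into it.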

Weakness Enumeration

CWE-552: Files or Directories Accessible to External Parties
CWE-427: Uncontrolled Search Path Element

Related Identifiers

ALSA-2021:2588
ALSA-2025:16880
BDU:2020-04070
CESA-2021:2588
CVE-2019-3881
GHSA-g98m-96g9-wfjq
OESA-2021-1419
openSUSE-SU-2020:0803-1
openSUSE-SU-2020:0861-1
RHSA-2021:2230
RHSA-2021:2588
RLSA-2021:2588
SUSE-SU-2020:1582-1
SUSE-SU-2020:1582-2
USN-4870-1

Affected Products

AlmaLinux
Bundler
CentOS
Red Hat
Rocky Linux
SUSE
Ubuntu