CVE & CISA-KEV Catalog

CVE-2021-43809

Severity: MEDIUM
CVSS v3: 6.7 (NVD)
EPSS: 85th percentile

Description

`Bundler` is a package for managing application dependencies in Ruby. In `bundler` versions before 2.2.33, working with untrusted but apparently harmless `Gemfile`s is not expected to lead to execution of external code, unless that is explicit in the Ruby code inside the `Gemfile` itself. However, if the `Gemfile` includes `gem` entries that use the `git` option with invalid, but seemingly harmless, values with a leading dash, this expectation does not hold.

To handle dependencies that come from a Git repository instead of a registry, Bundler uses various commands, such as `git clone`. These commands are constructed from user input (e.g. the repository URL). When building the commands, Bundler versions before 2.2.33 correctly avoid Command Injection vulnerabilities by passing an array of arguments instead of a command string. However, a user input can start with a dash (`-`) and is then treated as an option instead of a positional argument. This can lead to Code Execution because some of the commands have options that can be leveraged to run arbitrary executables. Since this value comes from the `Gemfile` file, it can contain any character, including a leading dash.

To exploit this vulnerability, an attacker has to craft a directory containing a `Gemfile` file that declares a dependency located in a Git repository. This dependency has to have a Git URL in the form of `-u./payload`. This URL will be used to construct a Git clone command but will be interpreted as the upload-pack argument. The directory then needs to be shared with the victim, who needs to run a command that evaluates the Gemfile, such as `bundle lock`, inside it. This vulnerability can lead to Arbitrary Code Execution, which could potentially lead to the takeover of the system. However, the exploitability is very low, because it requires a lot of user interaction.

Bundler 2.2.33 has patched this problem by inserting `--` as an argument before any positional arguments to those Git commands that were affected by this issue. Regardless of whether users can upgrade or not, they should review any untrusted `Gemfile`s before running any `bundler` commands that may read them, since they can contain arbitrary Ruby code.
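The following Ruby sketch is an added example, not Bundler's own code. It shows why an argument array alone does not stop a leading-dash value from being parsed as an option, what the `--` separator changes, and a simple pre-review check for literal `git` sources that begin with a dash. The helper names (`clone_argv`, `classify`, `suspicious_git_sources`), the simplified `git clone` argument list, the getopt-style parsing model and the sample `Gemfile` are assumptions made for illustration; nothing here runs `git`.

```ruby
# Added illustration; not taken from Bundler. All helper names are hypothetical.

# Build the argv for a clone the way an array-based (no shell) call would.
# The argument list is simplified; the real command carries more flags.
def clone_argv(uri, dest, end_of_options:)
  argv = ["git", "clone"]
  argv << "--" if end_of_options # the 2.2.33-style fix: end option parsing here
  argv + [uri, dest]
end

# Simplified model of getopt-style parsing (an assumption, not git's parser):
# after the program and subcommand, tokens starting with "-" are options
# until a bare "--" is seen; everything after "--" is positional.
def classify(argv)
  options = []
  positionals = []
  literal = false
  argv.drop(2).each do |tok|
    if literal
      positionals << tok
    elsif tok == "--"
      literal = true
    elsif tok.start_with?("-") && tok.length > 1
      options << tok
    else
      positionals << tok
    end
  end
  { options: options, positionals: positionals }
end

# Matches literal git sources: `git: "..."`, `:git => "..."`, `git "..." do`.
GIT_SOURCE = /(?:\bgit:|:git\s*=>|^\s*git)\s*(["'])(.*?)\1/

# Return [line_number, value] for every literal git source starting with "-".
# A Gemfile is Ruby, so values built at runtime are not seen by this check;
# it supplements manual review and does not replace it.
def suspicious_git_sources(gemfile_text)
  gemfile_text.each_line.with_index(1).filter_map do |line, lineno|
    next if line.lstrip.start_with?("#")
    value = line[GIT_SOURCE, 2]
    [lineno, value] if value&.start_with?("-")
  end
end

# Constructed sample input, using the URL form quoted in the description.
SAMPLE_GEMFILE = <<~'GEMFILE'
  source "https://rubygems.org"
  gem "rake"
  gem "widget", git: "https://example.com/widget.git"
  gem "helper", git: "-u./payload"
  gem "legacy", :git => "-u./payload"
GEMFILE

if __FILE__ == $0
  before = classify(clone_argv("-u./payload", "dest", end_of_options: false))
  after  = classify(clone_argv("-u./payload", "dest", end_of_options: true))
  puts "without --: #{before}"
  puts "with --:    #{after}"
  suspicious_git_sources(SAMPLE_GEMFILE).each do |lineno, value|
    puts "Gemfile line #{lineno}: git source #{value.inspect} starts with a dash"
  end
end
```
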

How to fix

Remediation Available
Debian (advisory: CVE-2021-43809)

rubygems
Fixed in: 3.2.5-2+deb11u1
Fixed in: 3.3.5-1
Fixed in: 3.3.5-1
Fixed in: 3.3.5-1

Red Hat / RHEL and Rocky (module ruby:2.5, advisory: RHSA-2025:7539)

The same fixed builds and architectures are listed for both distributions.

ruby: 0:2.5.9-114.module+el8.10.0+23088+750dc6ca (aarch64, i686, ppc64le, s390x, x86_64, src)
ruby-debuginfo: 0:2.5.9-114.module+el8.10.0+23088+750dc6ca (aarch64, i686, ppc64le, s390x, x86_64)
ruby-debugsource: 0:2.5.9-114.module+el8.10.0+23088+750dc6ca (aarch64, i686, ppc64le, s390x, x86_64)
ruby-devel: 0:2.5.9-114.module+el8.10.0+23088+750dc6ca (aarch64, i686, ppc64le, s390x, x86_64)
ruby-doc: 0:2.5.9-114.module+el8.10.0+23088+750dc6ca (noarch)
ruby-irb: 0:2.5.9-114.module+el8.10.0+23088+750dc6ca (noarch)
ruby-libs: 0:2.5.9-114.module+el8.10.0+23088+750dc6ca (aarch64, i686, ppc64le, s390x, x86_64)
ruby-libs-debuginfo: 0:2.5.9-114.module+el8.10.0+23088+750dc6ca (aarch64, i686, ppc64le, s390x, x86_64)
rubygem-abrt: 0:0.3.0-4.module+el8.10.0+22021+135c76a8 (noarch, src)
rubygem-abrt-doc: 0:0.3.0-4.module+el8.10.0+22021+135c76a8 (noarch)
rubygem-bigdecimal: 0:1.3.4-114.module+el8.10.0+23088+750dc6ca (aarch64, i686, ppc64le, s390x, x86_64)
rubygem-bigdecimal-debuginfo: 0:1.3.4-114.module+el8.10.0+23088+750dc6ca (aarch64, i686, ppc64le, s390x, x86_64)
rubygem-bson: 0:4.3.0-2.module+el8.9.0+19193+435404ae (aarch64, ppc64le, s390x, x86_64, src)
rubygem-bson-debuginfo: 0:4.3.0-2.module+el8.9.0+19193+435404ae (aarch64, ppc64le, s390x, x86_64)
rubygem-bson-debugsource: 0:4.3.0-2.module+el8.9.0+19193+435404ae (aarch64, ppc64le, s390x, x86_64)
rubygem-bson-doc: 0:4.3.0-2.module+el8.9.0+19193+435404ae (noarch)
rubygem-bundler: 0:1.16.1-5.module+el8.10.0+23088+750dc6ca (noarch, src)
rubygem-bundler-doc: 0:1.16.1-5.module+el8.10.0+23088+750dc6ca (noarch)
rubygem-did_you_mean: 0:1.2.0-114.module+el8.10.0+23088+750dc6ca (noarch)
rubygem-io-console: 0:0.4.6-114.module+el8.10.0+23088+750dc6ca (aarch64, i686, ppc64le, s390x, x86_64)
rubygem-io-console-debuginfo: 0:0.4.6-114.module+el8.10.0+23088+750dc6ca (aarch64, i686, ppc64le, s390x, x86_64)
rubygem-json: 0:2.1.0-114.module+el8.10.0+23088+750dc6ca (aarch64, i686, ppc64le, s390x, x86_64)
rubygem-json-debuginfo: 0:2.1.0-114.module+el8.10.0+23088+750dc6ca (aarch64, i686, ppc64le, s390x, x86_64)
rubygem-minitest: 0:5.10.3-114.module+el8.10.0+23088+750dc6ca (noarch)
rubygem-mongo: 0:2.5.1-2.module+el8.9.0+19193+435404ae (noarch, src)
rubygem-mongo-doc: 0:2.5.1-2.module+el8.9.0+19193+435404ae (noarch)
rubygem-mysql2: 0:0.4.10-4.module+el8.9.0+19193+435404ae (aarch64, ppc64le, s390x, x86_64, src)
rubygem-mysql2-debuginfo: 0:0.4.10-4.module+el8.9.0+19193+435404ae (aarch64, ppc64le, s390x, x86_64)
rubygem-mysql2-debugsource: 0:0.4.10-4.module+el8.9.0+19193+435404ae (aarch64, ppc64le, s390x, x86_64)
rubygem-mysql2-doc: 0:0.4.10-4.module+el8.9.0+19193+435404ae (noarch)
rubygem-net-telnet: 0:0.1.1-114.module+el8.10.0+23088+750dc6ca (noarch)
rubygem-openssl: 0:2.1.2-114.module+el8.10.0+23088+750dc6ca (aarch64, i686, ppc64le, s390x, x86_64)
rubygem-openssl-debuginfo: 0:2.1.2-114.module+el8.10.0+23088+750dc6ca (aarch64, i686, ppc64le, s390x, x86_64)
rubygem-pg: 0:1.0.0-3.module+el8.9.0+19193+435404ae (aarch64, ppc64le, s390x, x86_64, src)
rubygem-pg-debuginfo: 0:1.0.0-3.module+el8.9.0+19193+435404ae (aarch64, ppc64le, s390x, x86_64)
rubygem-pg-debugsource: 0:1.0.0-3.module+el8.9.0+19193+435404ae (aarch64, ppc64le, s390x, x86_64)
rubygem-pg-doc: 0:1.0.0-3.module+el8.9.0+19193+435404ae (noarch)
rubygem-power_assert: 0:1.1.1-114.module+el8.10.0+23088+750dc6ca (noarch)
rubygem-psych: 0:3.0.2-114.module+el8.10.0+23088+750dc6ca (aarch64, i686, ppc64le, s390x, x86_64)
rubygem-psych-debuginfo: 0:3.0.2-114.module+el8.10.0+23088+750dc6ca (aarch64, i686, ppc64le, s390x, x86_64)
rubygem-rake: 0:12.3.3-114.module+el8.10.0+23088+750dc6ca (noarch)
rubygem-rdoc: 0:6.0.1.1-114.module+el8.10.0+23088+750dc6ca (noarch)
rubygem-test-unit: 0:3.2.7-114.module+el8.10.0+23088+750dc6ca (noarch)
rubygem-xmlrpc: 0:0.3.0-114.module+el8.10.0+23088+750dc6ca (noarch)
rubygems: 0:2.7.6.3-114.module+el8.10.0+23088+750dc6ca (noarch)
rubygems-devel: 0:2.7.6.3-114.module+el8.10.0+23088+750dc6ca (noarch)

Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.

CVSS v3 Vector

Exploitability

Attack Vector: Local
Attack Complexity: High
Privileges Required: Low
User Interaction: Required
Scope: Unchanged

Impact

Confidentiality: High
Integrity: High
Availability: High

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

Exploit Intelligence

2.80% probability of exploitation in 30 days
85th percentile

Elevated risk: more likely to be exploited than 85% of all known CVEs.


This product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2025-11-03.