Vulnerability identifier: #VU85298
Vulnerability risk: Low
CVSSv4.0: 4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID:
CWE-ID: CWE-88
Exploitation vector: Local
Exploit availability: No
Vulnerable software: bundler (Universal components / Libraries / Software for developers)
Vendor: Bundler
Description
The vulnerability allows a local user to execute arbitrary code on the target system.
The vulnerability occurs when working with untrusted and apparently harmless `Gemfile` files. A local user can trick the victim into opening a specially crafted directory containing a `Gemfile` that declares a dependency located in a Git repository, and execute arbitrary code on the target system.
Mitigation
Install updates from the vendor's website.
Vulnerable software versions
bundler: 0.3.0 - 2.2.32
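A pre-review aid for untrusted checkouts, added here as an example (it is not code from this advisory or from Bundler): it tests a Bundler version against the affected range listed above and lists the Git-sourced dependency declarations in a `Gemfile` by reading it as text, without evaluating it. The function names and the sample `Gemfile` are constructed for illustration, and the pattern covers only the `git`/`github` options and `git` blocks.

```ruby
require "rubygems" # provides Gem::Version

# Affected range as listed on this page (inclusive): bundler 0.3.0 - 2.2.32.
AFFECTED_MIN = Gem::Version.new("0.3.0")
AFFECTED_MAX = Gem::Version.new("2.2.32")

def bundler_affected?(version)
  Gem::Version.new(version).between?(AFFECTED_MIN, AFFECTED_MAX)
end

# Declarations that pull a dependency from a Git repository.
GIT_SOURCE = /
  (?: (?<![\w:]) (?:git|github) : \s*   # gem "x", git: "..." or github: "..."
    | : (?:git|github) \s* => \s*       # gem "x", :git => "..."
    | ^ \s* git \s+ )                   # git "..." do ... end
  (["']) (.*?) \1
/x

# Reads the Gemfile as text only; it is never evaluated, so nothing in it runs.
def git_sources(gemfile_text)
  findings = []
  gemfile_text.each_line.with_index(1) do |line, lineno|
    next if line.lstrip.start_with?("#") # skip whole-line comments
    line.scan(GIT_SOURCE) { |_quote, src| findings << { line: lineno, source: src } }
  end
  findings
end

# Hold an untrusted checkout for manual review when both conditions are met.
def hold_for_review?(gemfile_text, bundler_version)
  bundler_affected?(bundler_version) && !git_sources(gemfile_text).empty?
end

SAMPLE_GEMFILE = <<~'GEMFILE' # constructed sample, hypothetical hosts
  source "https://rubygems.org"
  gem "rack"
  gem "widget", git: "https://git.example.invalid/widget.git"
  gem "gadget", :github => "example/gadget"
  # gem "old", git: "https://git.example.invalid/old.git"
  git "https://git.example.invalid/mono.git" do
    gem "mono-core"
  end
GEMFILE

if __FILE__ == $PROGRAM_NAME
  git_sources(SAMPLE_GEMFILE).each { |f| puts "line #{f[:line]}: #{f[:source]}" }
  puts "hold for review: #{hold_for_review?(SAMPLE_GEMFILE, '2.2.30')}"
end
```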
External links
https://github.com/rubygems/rubygems/commit/a4f2f8ac17e6ce81c689527a8b6f14381060d95f
https://github.com/rubygems/rubygems/security/advisories/GHSA-fj7f-vq84-fh43
https://github.com/rubygems/rubygems/pull/5142
https://github.com/rubygems/rubygems/commit/0fad1ccfe9dd7a3c5b82c1496df3c2b4842870d3
https://www.sonarsource.com/blog/securing-developer-tools-package-managers/
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.