This script is Copyright (C) 2016 Tenable Network Security, Inc.
The remote Gentoo host is missing one or more security-related
The remote host is affected by the vulnerability described in GLSA-201609-02
(Bundler: Insecure installation)
Bundler, allows the installation of gems from different sources with the
same names, when multiple top-level gem sources are used.
Remote attackers could inject arbitrary code via the gem install
There is no known workaround at this time.
See also :
All Bundler users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose '>=dev-ruby/bundler-1.7.3'
Risk factor :
Medium / CVSS Base Score : 5.0