Bundler allows attacker to inject arbitrary code via secondary Gem source

Critical severity GitHub Reviewed Published May 14, 2022 to the GitHub Advisory Database • Updated Apr 14, 2025

No open alerts for this advisory

Give feedback on Dependabot alerts