Releases: 296
Frequency: 3 weeks 6 days
Last Release
Stars: 4.88K
Manage your Ruby application's gem dependencies

CVE History

CVE | Published | CVSS v3 | CVSS v2
7.5 HIGH

Bundler 1.x might allow remote attackers to inject arbitrary Ruby code into an application by leveraging a gem name collision on a secondary source. NOTE: this might overlap CVE-2013-0334.