PT-2022-2574 · Bundler +1 · Bundler +1
Name of the Vulnerable Software and Affected Versions: RubyGems.org affected versions not specified Description: The issue is related to a bug in the yank action of RubyGems.org, allowing any user to remove and replace certain gems without authorization. A gem is vulnerable if it has one or more...