PT-2021-12010
Name of the Vulnerable Software and Affected Versions: Bundler versions 1.16.0 through 2.2.9 Bundler versions 2.2.11 through 2.2.16 Description: The issue sometimes chooses a dependency source based on the highest gem version number. This means a rogue gem found at a public source may be chosen,...