RubyGems: Bundler's RCE with response using Marshal
A vulnerability was found in Bundler's dependency API endpoint, which uses Marshal serialization. This could allow for remote code execution if a client receives a specially crafted response. The impact is increased risk from specifying an untrusted source or man-in-the-middle attack...