Ruby is distributed with Bundler, a dependencies resolver and installer for RubyGem packages.
The CVE-2020-36327 vulnerability in Bundler affects configurations that specify multiple sources from which RubyGem packages are installed. This can cause dependencies to be installed from a different source than intended....
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.