AVG-1891 log

Package ruby-bundler
Status Vulnerable
Severity Medium
Type insufficient validation
Affected 2.2.17-1
Fixed Unknown
Current 2.2.17-1 [community]
Ticket Create
Created Thu Apr 29 12:49:26 2021
Issue Severity Remote Type Description
CVE-2020-36327 Medium Yes Insufficient validation
Bundler 1.16.0 through 2.2.9 and 2.2.11 through 2.2.16 sometimes chooses a dependency source based on the highest gem version number, which means that a...