PT-2021-5751 · Bundler+6

Paul-Gerste-Sonarsource · Published 2021-12-08 · Updated 2026-05-04 · CVE-2021-43809

CVSS v2.0: 9.3 (High)
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions: bundler versions prior to 2.2.33
Description: The issue is related to the handling of untrusted Gemfiles in bundler. When a Gemfile includes gem entries with the git option and invalid values starting with a dash, it can lead to Code Execution. This happens because bundler runs commands such as git clone and builds their arguments from user input, so a value beginning with a dash is interpreted by git as an option rather than as the positional repository argument. An attacker can exploit this by crafting a directory with a Gemfile that declares a dependency in a Git repository with a Git URL in the form of -u./payload. This can lead to Arbitrary Code Execution, potentially allowing the takeover of the system. However, the exploitability is low due to the requirement of significant user interaction.
Recommendations: To resolve the issue, update to bundler version 2.2.33 or later. For versions prior to 2.2.33, as a temporary workaround, review any untrusted Gemfile before running any bundler command that may read it, since a Gemfile can contain arbitrary Ruby code.
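The following is an added example, not code from the advisory or from Bundler itself. It shows the two sides of the argument-injection pattern described above: a small pre-flight check that flags gem entries whose git option value begins with a dash (so an untrusted Gemfile can be reviewed before any bundler command reads it), and the difference between building the clone command by string interpolation and passing an argv with a `--` separator. The Gemfile regex, the sample Gemfile and the helper names are assumptions made for the example; it only recognises the inline `git:` / `:git =>` forms, not `git "…" do … end` blocks.

```ruby
# Added example: detection and hardened invocation for the dash-prefixed
# git option value described in CVE-2021-43809. Not Bundler's own code.

# Matches `gem "name", ..., git: "uri"` and `gem "name", ..., :git => "uri"`
# on a single line (assumption: block-form git sources are not handled).
GEM_GIT_RE = /^\s*gem\s+(["'])([^"']+)\1.*?(?:git:|:git\s*=>)\s*(["'])([^"']*)\3/

# Constructed sample Gemfile for the example; the last entry has the
# option-like value shape the advisory describes.
SAMPLE_GEMFILE = <<~GEMFILE
  source "https://rubygems.org"
  gem "rake"
  gem "legit", git: "https://example.com/legit/legit.git"
  gem "evil", :git => "-u./payload"
GEMFILE

# Returns one hash per gem entry whose git value starts with "-", i.e. a
# value git would parse as an option instead of a repository.
def suspicious_git_sources(gemfile_text)
  gemfile_text.each_line.with_index(1).filter_map do |line, lineno|
    m = GEM_GIT_RE.match(line) or next
    name, uri = m[2], m[4]
    { line: lineno, gem: name, git: uri } if uri.start_with?("-")
  end
end

# The fragile shape: interpolating the URI into a shell string means a
# leading dash is handed to git as an option. Shown only for contrast.
def naive_clone_command(uri, dest)
  "git clone #{uri} #{dest}"
end

# The hardened shape: reject option-like values outright and, when
# spawning, pass an argv (no shell) with "--" so git stops option parsing
# before the repository argument.
def safe_clone_argv(uri, dest)
  raise ArgumentError, "option-like git URI rejected: #{uri}" if uri.start_with?("-")
  ["git", "clone", "--", uri, dest]
end

if __FILE__ == $0
  suspicious_git_sources(SAMPLE_GEMFILE).each do |hit|
    puts "line #{hit[:line]}: gem #{hit[:gem].inspect} has option-like git value #{hit[:git].inspect}"
  end
  puts "naive: #{naive_clone_command('-u./payload', 'dest')}"
  p safe_clone_argv("https://example.com/legit/legit.git", "dest")
  # system(*safe_clone_argv(uri, dest)) would run git without a shell.
end
```

Run the script against a real Gemfile by replacing `SAMPLE_GEMFILE` with `File.read("Gemfile")`; any hit is worth a manual look before `bundle install`. The argv form with `--` is the same idea the Bundler fix relies on: keep user-controlled values out of option position.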

Exploit · Fix · Argument Injection

Weakness Enumeration

Related Identifiers

ALSA-2025:7539
BDU:2022-00196
CESA-2025_7539
CVE-2021-43809
DLA-4163-1
GHSA-FJ7F-VQ84-FH43
INFSA-2025_7539
MGASA-2022-0102
OESA-2021-1480
OESA-2022-1934
OPENSUSE-SU-2024_3873-1
RHSA-2025:7539
RHSA-2025_7539
SUSE-SU-2024:3873-1
SUSE-SU-2024_3873-1
SUSE-SU-2026:1355-1

Affected Products

Almalinux
Centos
Debian
Red Hat
Rocky Linux
Suse
Bundler