Bundler-Audit
Bundler-Audit is an open-source patch-level verification tool for Ruby applications. It scans Gemfile.lock files to identify known security vulnerabilities and insecure gem sources by cross-referencing dependencies against the Ruby Advisory Database maintained by RubySec. The tool detects vulnerable gem versions and insecure source protocols (http:// and git://), and reports detailed advisory information, including CVE references, criticality ratings, and remediation guidance, to help developers address security risks in their Ruby on Rails applications.
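The two checks described above (insecure source schemes and patch-level comparison against advisories), sketched as an added example that is not Bundler-Audit's own code. The lockfile, gem names, URLs and advisory IDs are constructed; the `patched_versions` field follows the Ruby Advisory Database layout, and the helper names are hypothetical.

```ruby
require "rubygems" # Gem::Version and Gem::Requirement

# Constructed Gemfile.lock: gem names, versions and URLs are made up.
SAMPLE_LOCKFILE = <<~LOCK
  GIT
    remote: git://git.example.test/acme/widget.git
    revision: 0000000000000000000000000000000000000000
    specs:
      widget (0.3.0)

  GEM
    remote: http://gems.example.test/
    remote: https://rubygems.org/
    specs:
      examplegem (1.6.2)
        helpergem (>= 1.0)
      helpergem (2.1.0)
LOCK

# Constructed advisories (placeholder IDs, not real CVEs).
ADVISORIES = [
  { gem: "examplegem", id: "EXAMPLE-ADVISORY-1", patched_versions: ["~> 1.6.4", ">= 1.7.1"] },
  { gem: "helpergem",  id: "EXAMPLE-ADVISORY-2", patched_versions: [">= 2.0.5"] }
].freeze

# Resolved gems sit at exactly four spaces of indentation: "    name (version)".
def locked_specs(lockfile)
  lockfile.scan(/^ {4}(\S+) \(([^)\s]+)\)$/).to_h do |name, version|
    [name, Gem::Version.new(version.split("-").first)] # drop any platform suffix
  end
end

# Sources fetched over cleartext http:// or unauthenticated git://.
def insecure_sources(lockfile)
  lockfile.scan(/^ {2}remote: (\S+)$/).flatten
          .select { |url| url.start_with?("http://", "git://") }
end

# A locked gem is flagged when its version satisfies none of the patched ranges.
def vulnerable_gems(lockfile, advisories)
  specs = locked_specs(lockfile)
  advisories.select do |adv|
    version = specs[adv[:gem]]
    version && adv[:patched_versions].none? { |req| Gem::Requirement.new(req).satisfied_by?(version) }
  end
end

if __FILE__ == $0
  insecure_sources(SAMPLE_LOCKFILE).each { |url| puts "Insecure source: #{url}" }
  vulnerable_gems(SAMPLE_LOCKFILE, ADVISORIES).each { |a| puts "Vulnerable: #{a[:gem]} (#{a[:id]})" }
end
```

The sketch does not handle the database's `unaffected_versions` field, which exempts releases that predate a flaw.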