If you use Ruby, we’d like to have your attention for a minute! There are multiple vulnerabilities in RubyGems bundled by Ruby.
- Ruby 2.2 series: 2.2.9 and earlier
- Ruby 2.3 series: 2.3.6 and earlier
- Ruby 2.4 series: 2.4.3 and earlier
- Ruby 2.5 series: 2.5.0 and earlier
- prior to trunk revision 62422
It is recommended to take one of the following workarounds as soon as possible.
Find security fixes list and the way to upgrade or downgrade your RubyGems here.