Security Advisory
CVE-2019-8321
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
An issue was discovered in RubyGems 2.6 and later through 3.0.2. Since Gem::UserInteraction#verbose calls say without escaping, escape sequence injection is possible.