EPSS
Percentile
89.4%
Ruby is vulnerable to deserialization of untrusted data vulnerability. This attack appear to be exploitable via victim must run the gem owner command on a gem with a specially crafted YAML file which may leads to a code execution.
gem owner
access.redhat.com/errata/RHSA-2018:3729
access.redhat.com/security/updates/classification/#important
bugzilla.redhat.com/show_bug.cgi?id=1650591