EPSS
Percentile
86.6%
Ruby is vulnerable to improper signature validation vulnerability. This occurs in the tarball in package.rb which allows to install mis-signed gem.
tarball
package.rb
access.redhat.com/errata/RHSA-2018:3729
access.redhat.com/security/updates/classification/#important
bugzilla.redhat.com/show_bug.cgi?id=1650591