Ruby is vulnerable to escape sequence injection. This exists in the function Gem::GemcutterUtilities#with_response of the component API Response Handler. Gem::GemcutterUtilities#with_response may output the API response to stdout without any change. Modifications in the response from API side may cause escape sequence injection vulnerability.