Multiple vulnerabilities have been identified and fixed in ruby: Cross-site scripting vulnerability in the WEBrick HTTP server in Ruby allows remote attackers to inject arbitrary web script or HTML via a crafted URI that triggers a UTF-7 error page . The FileUtils.remove_entry_secure method in Ruby allows local users to delete arbitrary files via a symlink attack . The safe-level feature in Ruby ...