Summary: An issue was discovered in RubyGems 2.6 and later through 3.0.2. Since Gem::UserInteraction#verbose calls say without escaping, escape sequence injection is possible.Published: Monday, June 17, 2019 - 16:15cvss: