У версии 5.5 https://nvd.nist.gov/vuln/detail/CVE-2019-16255 Надо обновить на полностью совместимую, возможно, пока 5.8
ruby-2.5.9-alt1 -> p9: Mon Nov 16 2020 Pavel Skrylev <majioa@altlinux> 2.5.9-alt1 - ^ 2.5.5 -> 2.5.9 - Fixes: + CVE-2019-16255: A code injection vulnerability of Shell#[] and Shell#test (closes #39292) + CVE-2019-16254: HTTP response splitting in WEBrick (Additional fix) + CVE-2019-15845: A NUL injection vulnerability of File.fnmatch and File.fnmatch? + CVE-2019-16201: Regular Expression Denial of Service vulnerability of WEBrick's Digest access authentication