A vulnerability in the Ruby package manager could make life easier for hackers to redirect victims to trouble. RubyGems maintainers patched a vulnerability, reported by Trustwave and OpenDNS, that allows RubyGem clients to be redirected to an attacker-controlled gem server. Trustwave estimates that more than a million software installations daily could be affected, extrapolating out to 438 million annually. Ruby, JRuby, and Rubinuius have all been confirmed to be affected by the vulnerability.
Source: https://threatpost.com/rubygems-patches-serious-redirection-vulnerability/113425/