2 matches found
Ruby: SEGV in parse_rat()
A crafted string can cause SEGVREAD memory access to 0x000000000000 when parsed as a rational number - ruby 2.5.1p57 on Fedora 28

    $ ruby -e 'Rational"2e-9942067"'
    -e:1: warning: in a**b, b may be too big
    -e:1: [BUG] Segmentation fault at 0x0000000000000000
    ruby 2.5.1p57 2018-03-29 revision 63029...
CVE-2018-6914
Directory traversal vulnerability in the Dir.mktmpdir method in the tmpdir library in Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1 might allow attackers to create arbitrary directories or files via a .. (dot dot) in the prefix argument...