Description
The rubyzip version required by the selenium-webdriver gem has a vulnerability that allows directory traversal:
rubyzip/rubyzip#315, was fixed in version 1.2.1
Not exactly sure how critical this is for the webdriver gem but an upgrade is highly appreciated in order to prevent dependeny conflicts due to different required versions, since other gems are upgrading to the latest rubyzip as well.