Generic security scanning is reporting false positives
https://dev.gitlab.org/gitlab/omnibus-gitlab/-/jobs/2462111
is reporting ruby as being vulnerable, whereas the involved package is recurly: https://nvd.nist.gov/vuln/detail/CVE-2017-0905
https://dev.gitlab.org/gitlab/omnibus-gitlab/-/jobs/2462111
is reporting ruby as being vulnerable, whereas the involved package is recurly: https://nvd.nist.gov/vuln/detail/CVE-2017-0905