2017/10/GHSA-gcqq-w6gr-h9j9 Directory traversal vulnerability in RubyZip