These are all security issues fixed in the ruby2.7-rubygem-puma-5.4.0-1.2 package on the GA media of openSUSE Tumbleweed.