CVE-2017-8418

Опубликовано: 02 мая 2017

Источник: debian

Описание

RuboCop 0.48.1 and earlier does not use /tmp in safe way, allowing local users to exploit this to tamper with cache files belonging to other users.

Пакет	Статус	Версия исправления	Релиз	Тип
rubocop	fixed	0.49.1+dfsg-1		package

https://github.com/bbatsov/rubocop/issues/4336
https://github.com/bbatsov/rubocop/commit/dcb258fabd5f2624c1ea0e1634763094590c09d7

CVE-2017-8418

CVSS3: 3.3

ubuntu

почти 9 лет назад

RuboCop 0.48.1 and earlier does not use /tmp in safe way, allowing local users to exploit this to tamper with cache files belonging to other users.

CVE-2017-8418

CVSS3: 3.3

nvd

почти 9 лет назад

RuboCop 0.48.1 and earlier does not use /tmp in safe way, allowing local users to exploit this to tamper with cache files belonging to other users.

GHSA-wmjf-jpjj-9f3j

CVSS3: 3.3

github

около 8 лет назад

RuboCop gem Insecure use of /tmp