Sha256: 2415882fb3898f383ab5906084431d32dd61c0af264ef74049647d320d3ab66a

Contents?: true

Size: 459 Bytes

Versions: 5

Compression:

Stored size: 459 Bytes

Contents

---
gem: ciborg
cve: 2014-5003
osvdb: 108586
url: http://osvdb.org/show/osvdb/108586
title: ciborg Gem for Ruby default.rb /tmp/perlbrew-installer Local Symlink File Overwrite
date: 2014-06-30
description: ciborg Gem for Ruby contains a flaw as default.rb creates temporary files insecurely. It is possible for a local attacker to use a symlink attack against the /tmp/perlbrew-installer file to cause the program to unexpectedly overwrite an arbitrary file.

Version data entries

5 entries across 5 versions & 2 rubygems

Version Path
bundler-budit-0.6.2 data/ruby-advisory-db/gems/ciborg/OSVDB-108586.yml
bundler-budit-0.6.1 data/ruby-advisory-db/gems/ciborg/OSVDB-108586.yml
bundler-audit-0.6.1 data/ruby-advisory-db/gems/ciborg/OSVDB-108586.yml
bundler-audit-0.6.0 data/ruby-advisory-db/gems/ciborg/OSVDB-108586.yml
bundler-audit-0.5.0 data/ruby-advisory-db/gems/ciborg/OSVDB-108586.yml