Sha256: dee10005b6a70b9441e4c6d9ea453bdd97513f9e6b406ef427928e593e7af685

Contents?: true

Size: 465 Bytes

Versions: 6

Compression:

Stored size: 465 Bytes

Contents

---
gem: open-uri-cached
cve: 2015-3649
osvdb: 121701
url: http://seclists.org/oss-sec/2015/q2/373
title: open-uri-cached Gem for Ruby Unsafe Temporary File Creation Local Privilege Escalation
date: 2015-05-05
description: |
  open-uri-cached Gem for Ruby contains a flaw that is due to the
  program creating temporary files in a predictable, unsafe manner when using
  YAML. This may allow a local attacker to gain elevated privileges.
cvss_v2:
patched_versions:

Version data entries

6 entries across 6 versions & 2 rubygems

Version Path
bundler-audit-0.7.0.1 data/ruby-advisory-db/gems/open-uri-cached/OSVDB-121701.yml
bundler-budit-0.6.2 data/ruby-advisory-db/gems/open-uri-cached/OSVDB-121701.yml
bundler-budit-0.6.1 data/ruby-advisory-db/gems/open-uri-cached/OSVDB-121701.yml
bundler-audit-0.6.1 data/ruby-advisory-db/gems/open-uri-cached/OSVDB-121701.yml
bundler-audit-0.6.0 data/ruby-advisory-db/gems/open-uri-cached/OSVDB-121701.yml
bundler-audit-0.5.0 data/ruby-advisory-db/gems/open-uri-cached/OSVDB-121701.yml