Contents

---
gem: ciborg
cve: 2014-5003
osvdb: 108586
url: https://nvd.nist.gov/vuln/detail/CVE-2014-5003
title: ciborg Gem for Ruby default.rb /tmp/perlbrew-installer Local Symlink File Overwrite
date: 2014-06-30
description: ciborg Gem for Ruby contains a flaw as default.rb creates temporary files insecurely. It is possible for a local attacker to use a symlink attack against the /tmp/perlbrew-installer file to cause the program to unexpectedly overwrite an arbitrary file.

Version data entries

1 entries across 1 versions & 1 rubygems

Version	Path
bundler-audit-0.7.0.1	data/ruby-advisory-db/gems/ciborg/CVE-2014-5003.yml