Contents

--- 
gem: ruby_parser
cve: 2013-0162
osvdb: 90561
url: http://osvdb.org/show/osvdb/90561
title: RubyGems ruby_parser (RP) Temporary File Symlink Arbitrary File Overwrite
date: 2013-02-21
description: RubyGems ruby_parser (RP) contains a flaw as rubygem-ruby_parser creates temporary files insecurely. It is possible for a local attacker to use a symlink attack to cause the program to unexpectedly overwrite an arbitrary file.
cvss_v2: 2.1
patched_versions: 
  - ">= 3.1.2"

Version data entries

14 entries across 14 versions & 3 rubygems

Version	Path
bundler-budit-0.6.2	data/ruby-advisory-db/gems/ruby_parser/OSVDB-90561.yml
bundler-budit-0.6.1	data/ruby-advisory-db/gems/ruby_parser/OSVDB-90561.yml
bundler-audit-0.6.1	data/ruby-advisory-db/gems/ruby_parser/OSVDB-90561.yml
bundler-audit-0.6.0	data/ruby-advisory-db/gems/ruby_parser/OSVDB-90561.yml
bundler-audit-0.5.0	data/ruby-advisory-db/gems/ruby_parser/OSVDB-90561.yml
bundler-audit-0.4.0	data/ruby-advisory-db/gems/ruby_parser/OSVDB-90561.yml
bundler-audit-0.3.1	data/ruby-advisory-db/gems/ruby_parser/OSVDB-90561.yml
mrjoy-bundler-audit-0.3.3	data/ruby-advisory-db/gems/ruby_parser/OSVDB-90561.yml
mrjoy-bundler-audit-0.3.2	data/ruby-advisory-db/gems/ruby_parser/OSVDB-90561.yml
mrjoy-bundler-audit-0.3.1	data/ruby-advisory-db/gems/ruby_parser/OSVDB-90561.yml
bundler-audit-0.3.0	data/ruby-advisory-db/gems/ruby_parser/OSVDB-90561.yml
mrjoy-bundler-audit-0.2.1	data/ruby-advisory-db/gems/ruby_parser/OSVDB-90561.yml
bundler-audit-0.2.0	data/ruby-advisory-db/gems/ruby_parser/OSVDB-90561.yml
mrjoy-bundler-audit-0.1.4	data/ruby-advisory-db/gems/ruby_parser/OSVDB-90561.yml