2.1
CVE-2013-0162
- EPSS 0.15%
- Published 01.03.2013 05:40:16
- Last modified 11.04.2025 00:51:21
- Source secalert@redhat.com
The diff_pp function in lib/gauntlet_rubyparser.rb in the ruby_parser gem 3.1.1 and earlier for Ruby allows local users to overwrite arbitrary files via a symlink attack on a temporary file with a predictable name in /tmp.
Data provided by the National Vulnerability Database (NVD)
Ryan Davis ≫ Ruby Parser Version <= 3.1.1
Ryan Davis ≫ Ruby Parser Version 1.0.0
Ryan Davis ≫ Ruby Parser Version 2.0.0
Ryan Davis ≫ Ruby Parser Version 2.0.1
Ryan Davis ≫ Ruby Parser Version 2.0.2
Ryan Davis ≫ Ruby Parser Version 2.0.3
Ryan Davis ≫ Ruby Parser Version 2.0.4
Ryan Davis ≫ Ruby Parser Version 2.0.5
Ryan Davis ≫ Ruby Parser Version 2.0.6
Ryan Davis ≫ Ruby Parser Version 2.1.0
Ryan Davis ≫ Ruby Parser Version 2.2.0
Ryan Davis ≫ Ruby Parser Version 2.3.0
Ryan Davis ≫ Ruby Parser Version 2.3.1
Ryan Davis ≫ Ruby Parser Version 3.0.0
Ryan Davis ≫ Ruby Parser Version 3.0.0.a1
Ryan Davis ≫ Ruby Parser Version 3.0.0.a2
Ryan Davis ≫ Ruby Parser Version 3.0.0.a3
Ryan Davis ≫ Ruby Parser Version 3.0.0.a4
Ryan Davis ≫ Ruby Parser Version 3.0.0.a5
Ryan Davis ≫ Ruby Parser Version 3.0.0.a6
Ryan Davis ≫ Ruby Parser Version 3.0.0.a7
Ryan Davis ≫ Ruby Parser Version 3.0.0.a8
Ryan Davis ≫ Ruby Parser Version 3.0.0.a9
Ryan Davis ≫ Ruby Parser Version 3.0.0.a10
Ryan Davis ≫ Ruby Parser Version 3.0.1
Ryan Davis ≫ Ruby Parser Version 3.0.2
Ryan Davis ≫ Ruby Parser Version 3.0.3
Ryan Davis ≫ Ruby Parser Version 3.0.4
Ryan Davis ≫ Ruby Parser Version 3.1.0
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.15% | 0.357 |

| Source | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 2.1 | 3.9 | 2.9 | AV:L/AC:L/Au:N/C:N/I:P/A:N |