ADVISORIES
- CVE-2013-0162 (NVD)
- GHSA-8mvw-22r7-w6fq
- OSVDB-90561
GEM
SEVERITY
CVSS v2.0: 2.1 (Low)
PATCHED VERSIONS
- >= 3.1.2
DESCRIPTION
The diff_pp function in lib/gauntlet_rubyparser.rb in the ruby_parser gem 3.1.1 and earlier for Ruby allows local users to overwrite arbitrary files via a symlink attack on a temporary file with a predictable name in /tmp.