CVE-2017-8418 (rubocop): RuboCop gem Insecure use of /tmp

CVE: CVE-2017-8418 ( NVD )
GHSA: GHSA-wmjf-jpjj-9f3j
Vendor Advisory: https://github.com/bbatsov/rubocop/issues/4336

RuboCop gem Insecure use of /tmp

Published: May 01, 2017

CVSS v3.x: 3.3 (Low)

CVSS v2.0: 2.1 (Low)

>= 0.49.0

RuboCop 0.48.1 and earlier does not use /tmp in safe way, allowing local users to exploit this to tamper with cache files belonging to other users.