mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-28 09:12:08 +00:00
679 B
679 B
CVE-2017-8418
Description
RuboCop 0.48.1 and earlier does not use /tmp in safe way, allowing local users to exploit this to tamper with cache files belonging to other users.
POC
Reference
- http://www.openwall.com/lists/oss-security/2017/05/01/14
- https://github.com/bbatsov/rubocop/issues/4336