Ryan Davis » Ruby Parser : Security Vulnerabilities, CVEs,
The diff_pp function in lib/gauntlet_rubyparser.rb in the ruby_parser gem 3.1.1 and earlier for Ruby allows local users to overwrite arbitrary files via a symlink attack on a temporary file with a predictable name in /tmp.
Max CVSS
2.1
EPSS Score
0.04%
Published
2013-03-01
Updated
2023-02-13
1 vulnerabilities found