Ryan Davis: >> Ruby Parser Security Vulnerabilities
The diff_pp function in lib/gauntlet_rubyparser.rb in the ruby_parser gem 3.1.1 and earlier for Ruby allows local users to overwrite arbitrary files via a symlink attack on a temporary file with a predictable name in /tmp.
CVSS Score
2.1
EPSS Score
0.002
Published
2013-03-01