14 matches found
CVE-2022-31071
Octopoller is a micro gem for polling and retrying. Version 0.2.0 of the octopoller gem was published containing world-writeable files. Specifically, the gem was packed with files having their permissions set to -rw-rw-rw- i.e. 0666 instead of rw-r--r-- i.e. 0644. This means everyone who is not t...
EUVD-2022-5885
Malicious code in bioql PyPI...
Insecure Permissions
Overview octopoller is a micro gem for polling and retrying, perfect for making repeating requests. Affected versions of this package are vulnerable to Insecure Permissions due to the gem file containing world-writable files, this means everyone who is not the owner Group and Public with access t...
Improper Access Control
octopoller is vulnerable to improper access control. The vulnerability exists because the files are given with world-writable permission without proper validations which allows a malicious attacker to modify files and change the existing behavior...
CVE-2022-31071
Octopoller is a micro gem for polling and retrying. Version 0.2.0 of the octopoller gem was published containing world-writeable files. Specifically, the gem was packed with files having their permissions set to -rw-rw-rw- i.e. 0666 instead of rw-r--r-- i.e. 0644. This means everyone who is not t...
Design/Logic Flaw
Octopoller is a micro gem for polling and retrying. Version 0.2.0 of the octopoller gem was published containing world-writeable files. Specifically, the gem was packed with files having their permissions set to -rw-rw-rw- i.e. 0666 instead of rw-r--r-- i.e. 0644. This means everyone who is not t...
CVE-2022-31071 Octopoller gem published with world-writable files
Octopoller is a micro gem for polling and retrying. Version 0.2.0 of the octopoller gem was published containing world-writeable files. Specifically, the gem was packed with files having their permissions set to -rw-rw-rw- i.e. 0666 instead of rw-r--r-- i.e. 0644. This means everyone who is not t...
CVE-2022-31071
The CVE-2022-31071 affects the Ruby gem octopoller, specifically version 0.2.0, where world-writable files were included in the package (permissions 0666 instead of 0644). This permits modification of gem files by anyone on the host, potentially altering behavior at runtime. The issue was fixed i...
CVE-2022-31071 Octopoller gem published with world-writable files
Octopoller is a micro gem for polling and retrying. Version 0.2.0 of the octopoller gem was published containing world-writeable files. Specifically, the gem was packed with files having their permissions set to -rw-rw-rw- i.e. 0666 instead of rw-r--r-- i.e. 0644. This means everyone who is not t...
CVE-2022-31071 Octopoller gem published with world-writable files
Octopoller is a micro gem for polling and retrying. Version 0.2.0 of the octopoller gem was published containing world-writeable files. Specifically, the gem was packed with files having their permissions set to -rw-rw-rw- i.e. 0666 instead of rw-r--r-- i.e. 0644. This means everyone who is not t...
Octopoller gem published with world-writable files
Impact Version 0.2.0 of the octopoller gem was published containing world-writeable files. Specifically, the gem was packed with files having their permissions set to -rw-rw-rw- i.e. 0666 instead of rw-r--r-- i.e. 0644. This means everyone who is not the owner Group and Public with access to the...
GHSA-26QJ-CR27-R5C4 Octopoller gem published with world-writable files
Impact Version 0.2.0 of the octopoller gem was published containing world-writeable files. Specifically, the gem was packed with files having their permissions set to -rw-rw-rw- i.e. 0666 instead of rw-r--r-- i.e. 0644. This means everyone who is not the owner Group and Public with access to the...
Octopoller 安全漏洞
Octopoller is an Octokit open source micro gem for polling and retrying. A security vulnerability exists in Octopoller version 0.2.0, which stems from a problem with the permissions settings of files contained in the gem, and can be used to modify globally writable files in the gem...
Octopoller gem published with world-writable files
Impact Version 0.2.0 of the octopoller gem was published containing world-writeable files. Specifically, the gem was packed with files having their permissions set to -rw-rw-rw- i.e. 0666 instead of rw-r--r-- i.e. 0644. This means everyone who is not the owner Group and Public with access to the...