7 matches found
EUVD-2018-0153
Malware in sbrugna...
Gyazo allows local users to write arbitrary files
lib/gyazo/client.rb in the gyazo gem 1.0.0 for Ruby allows local users to write to arbitrary files via a symlink attack on a temporary file, related to time-based filenames...
GHSA-6X45-86Q6-RCMR Gyazo allows local users to write arbitrary files
lib/gyazo/client.rb in the gyazo gem 1.0.0 for Ruby allows local users to write to arbitrary files via a symlink attack on a temporary file, related to time-based filenames...
Design/Logic Flaw
lib/gyazo/client.rb in the gyazo gem 1.0.0 for Ruby allows local users to write to arbitrary files via a symlink attack on a temporary file, related to time-based filenames...
CVE-2014-4994
lib/gyazo/client.rb in the gyazo gem 1.0.0 for Ruby allows local users to write to arbitrary files via a symlink attack on a temporary file, related to time-based filenames...
CVE-2014-4994
CVE-2014-4994 affects the gyazo Ruby gem (v1.0.0). The issue is in lib/gyazo/client.rb, where a symlink attack on a time-based temporary file allows local users to write to arbitrary files. The impact stated in connected sources is local access with partial integrity impact and no confidentiality...
gyazo Gem for Ruby client.rb Metacharacter Handling Remote Command Execution
gyazo Gem for Ruby contains a flaw in client.rb that is triggered when handling metacharacters. This may allow a remote attacker to execute arbitrary commands...