5 matches found
EUVD-2018-0153
Malware in sbrugna...
GHSA-6X45-86Q6-RCMR Gyazo allows local users to write arbitrary files
lib/gyazo/client.rb in the gyazo gem 1.0.0 for Ruby allows local users to write to arbitrary files via a symlink attack on a temporary file, related to time-based filenames...
Design/Logic Flaw
lib/gyazo/client.rb in the gyazo gem 1.0.0 for Ruby allows local users to write to arbitrary files via a symlink attack on a temporary file, related to time-based filenames...
CVE-2014-4994
CVE-2014-4994 affects the gyazo Ruby gem (v1.0.0). The issue is in lib/gyazo/client.rb, where a symlink attack on a time-based temporary file allows local users to write to arbitrary files. The impact stated in connected sources is local access with partial integrity impact and no confidentiality...
CVE-2014-4994
lib/gyazo/client.rb in the gyazo gem 1.0.0 for Ruby allows local users to write to arbitrary files via a symlink attack on a temporary file, related to time-based filenames...