2 matches found
CVE-2024-28862
The CVE-2024-28862 entry concerns the Ruby One Time Password library (ROTP). Affected versions had overly permissive default file permissions (0666) on Ruby .rb files, enabling potential local access/impact due to insecure permissions. The advisory advises upgrading to version 6.3.0; if patching ...
CVE-2024-28862
The Ruby One Time Password library ROTP is an open source library for generating and validating one time passwords. Affected versions had overly permissive default permissions. Users should patch to version 6.3.0. Users unable to patch may correct file permissions after installation...