CVE-2024-43791

A flaw was found in RequestStore, which provides per-request global storage. This flaw allows a malicious user to execute arbitrary code due to global permission issues...

CVE-2024-43791

RequestStore provides per-request global storage for Rack. The files published as part of requeststore 1.3.2 have 0666 permissions, meaning that they are world-writable, which allows local users to execute arbitrary code. This version was published in 2017, and most production environments do not...