Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2013-0162
HistoryMar 01, 2013 - 12:00 a.m.

CVE-2013-0162

2013-03-0100:00:00
ubuntu.com
ubuntu.com
6

0.0004 Low

EPSS

Percentile

5.2%

JSON

The diff_pp function in lib/gauntlet_rubyparser.rb in the ruby_parser gem
3.1.1 and earlier for Ruby allows local users to overwrite arbitrary files
via a symlink attack on a temporary file with a predictable name in /tmp.

Notes

Author Note
mdeslaur probably mitigated by Yama
OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchruby-parser<ย anyUNKNOWN
ubuntu20.04noarchruby-parser<ย anyUNKNOWN
ubuntu16.04noarchruby-parser<ย anyUNKNOWN

Related

nessus 3
prion 1
securityvulns 2
cvelist 1
freebsd 1
github 1
seebug 1
cve 1
osv 1
debiancve 1
rubygems 1
redhat 2
nessus
nessus
FreeBSD : rubygem-ruby_parser -- insecure tmp file usage (e1aa3bdd-839a-4a77-8617-cca439a8f9fc)
2013-02-25 00:00:00
RHEL 6 : Subscription Asset Manager (RHSA-2013:0544)
2013-03-10 00:00:00
RHEL 6 : openshift (RHSA-2013:0582)
2018-12-06 00:00:00
prion
prion
Code injection
2013-03-01 05:40:00
securityvulns
securityvulns
CVE-2013-0162 rubygem-ruby_parser: incorrect temporary file usage / Public Service Announcement
2013-02-24 00:00:00
Web applications security vulnerabilities summary &#40;PHP, ASP, JSP, CGI, Perl&#41;
2013-02-24 00:00:00
cvelist
cvelist
CVE-2013-0162
2013-03-01 02:00:00
freebsd
freebsd
rubygem-ruby_parser -- insecure tmp file usage
2013-02-24 00:00:00
github
github
ruby_parser allows local users to overwrite arbitrary files via symlink attack on temporary file with predictable name
2022-05-05 02:48:30
seebug
seebug
RubyGems 'ruby_parser' ไธๅฎ‰ๅ…จไธดๆ—ถๆ–‡ไปถๅˆ›ๅปบๆผๆดž(CVE-2013-0162)
2013-02-28 00:00:00
cve
cve
CVE-2013-0162
2013-03-01 05:40:16
osv
osv
ruby_parser allows local users to overwrite arbitrary files via symlink attack on temporary file with predictable name
2022-05-05 02:48:30
debiancve
debiancve
CVE-2013-0162
2013-03-01 05:40:16
rubygems
rubygems
CVE-2013-0162 rubygem-ruby_parser: incorrect temporary file usage
2013-02-20 20:00:00
redhat
redhat
(RHSA-2013:0544) Important: Subscription Asset Manager 1.2 update
2013-02-21 00:00:00
(RHSA-2013:0582) Moderate: Red Hat OpenShift Enterprise 1.1.1 update
2013-02-28 00:00:00

0.0004 Low

EPSS

Percentile

5.2%

JSON
Related for UB:CVE-2013-0162
nessus3prion1securityvulns2cvelist1freebsd1github1seebug1cve1osv1debiancve1rubygems1redhat2