Rubocop
1 CVEs
product
Monthly
RuboCop 0.48.1 and earlier does not use /tmp in safe way, allowing local users to exploit this to tamper with cache files belonging to other users. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. Public exploit code available.
Information Disclosure
Rubocop
NVD
GitHub
CVSS 3.0
3.3
EPSS
0.1%
CVE-2017-8418
Ruby
EPSS 0%
CVSS 3.3
LOW
POC
PATCH
Monitor
RuboCop 0.48.1 and earlier does not use /tmp in safe way, allowing local users to exploit this to tamper with cache files belonging to other users. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. Public exploit code available.
Information Disclosure
Rubocop
NVD
GitHub