RSS   Podatności dla 'Gyazo'   RSS

2018-01-10
 
CVE-2014-4994

CWE-20
 

 
lib/gyazo/client.rb in the gyazo gem 1.0.0 for Ruby allows local users to write to arbitrary files via a symlink attack on a temporary file, related to time-based filenames.

 


Copyright 2024, cxsecurity.com

 

Back to Top