Vulnerabilities > CVE-2017-8418 - Exposure of Resource to Wrong Sphere vulnerability in Rubocop Project Rubocop

047910
CVSS 2.1 - LOW
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
local
low complexity
rubocop-project
CWE-668

Summary

RuboCop 0.48.1 and earlier does not use /tmp in safe way, allowing local users to exploit this to tamper with cache files belonging to other users.

Vulnerable Configurations

Part Description Count
Application
Rubocop_Project
86

Common Weakness Enumeration (CWE)