DescriptionThe am function in lib/hub/commands.rb in hub before 1.12.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary patch file.
Overall state of this security issue: Does not affect SUSE products
This issue is currently not rated by SUSE as it is not affecting the SUSE Enterprise products.
|National Vulnerability Database|
List of released packages
|Product(s)||Fixed package version(s)||References|
|openSUSE Tumbleweed|| ||Patchnames: |
openSUSE Tumbleweed GA ruby2.2-rubygem-hub-1.12.4-2.1
SUSE Timeline for this CVECVE page created: Fri May 23 14:16:30 2014
CVE page last modified: Fri Oct 7 12:46:40 2022