
Find real vulnerabilities before they ship
RuboCop 0.48.1 and earlier does not use /tmp in safe way, allowing local users to exploit this to tamper with cache files belonging to other users.
Base Score
3.3| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| rubocop(RubyGems) | 0 | 0.49.0 | N/A |
| Base Score | 3.3 |
|---|---|
| Vector String | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N |
| Base Severity | Low |
| Version | 3.0 |
| Attack Vector (AV) | LOCAL |