CVE-2012-4522
CVSS v2.0
5 (Medium)
EPSS
0.39 % (74th)
Affected Products
1
Advisories
9
The rb_get_path_check function in file.c in Ruby 1.9.3 before patchlevel 286 and Ruby 2.0.0 before r37163 allows context-dependent attackers to create files in unexpected locations or with unexpected names via a NUL byte in a file path.
Weaknesses
- CWE-264
- Permissions, Privileges, and Access Controls
- CVE Status
- PUBLISHED
- CNA
- Red Hat, Inc.
- Published Date
-
2012-11-24 20:55:03
(11 years ago) - Updated Date
-
2013-05-04 03:20:45
(11 years ago)
Affected Products
Loading...
Loading...
Configuration #1
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...