CVE-2014-0177

Medium

The am function in lib/hub/commands.rb in hub before 1.12.1 allows local users to overwrite arbitrary files via a symlink attack on a…

redhat·CWE-310·Published 2014-05-27

CVSS

4.4

EPSS

0.00

KEV

Exploits

cve.orgen

155 chars

The am function in lib/hub/commands.rb in hub before 1.12.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary patch file.

NVDen

155 chars

The am function in lib/hub/commands.rb in hub before 1.12.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary patch file.

The `am` function in `lib/hub/commands.rb` in hub before 1.12.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary patch file.

GHSAen

159 chars

The `am` function in `lib/hub/commands.rb` in hub before 1.12.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary patch file.

NVDes

201 chars

La función am en lib/hub/commands.rb en hub anterior a 1.12.1 permite a usuarios locales sobrescribir archivos arbitrarios a través de un ataque de enlace simbólico sobre un archivo de parche temporal.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	3.6	3.9	4.9	AV:L/AC:L/Au:N/C:N/I:P/A:P
3.1	Secondary	GHSA	4.4	—	—	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L