CVE-2014-0177 in Hubinfo

Summary

The am function in lib/hub/commands.rb in hub before 1.12.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary patch file.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Reservation

12/03/2013

Disclosure

05/27/2014

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-310 (Confirmed)

CVSS

5.1

EPSS

0.00137

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2014-0177
NVD	https://nvd.nist.gov/vuln/detail/CVE-2014-0177
CVE Details	https://www.cvedetails.com/cve/CVE-2014-0177/

◂ Previous Overview Next ▸

Do you need the next level of professionalism?

Upgrade your account now!