CVE-2018-6914 in macOS

Summary

by MITRE

Directory traversal vulnerability in the Dir.mktmpdir method in the tmpdir library in Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1 might allow attackers to create arbitrary directories or files via a .. (dot dot) in the prefix argument.


Analysis

by VulDB Data Team • 05/10/2026

CVE-2018-6914 is a critical directory traversal flaw in Ruby's tmpdir library, affecting the 2.2.x through 2.5.x branches and the 2.6.0 preview release. It stems from missing input validation in Dir.mktmpdir, the method Ruby applications use to create temporary directories. Because the prefix argument is not sanitized, a ".." sequence in it lets an attacker escape the intended temporary directory and create or modify files and directories in locations that should remain protected from unauthorized access.

The flaw relies on ordinary file system path resolution, in which ".." refers to the parent directory. Dir.mktmpdir neither sanitizes nor validates the prefix argument before using it to build the temporary directory path, so a crafted prefix containing ".." results in a directory or file being created outside the temporary directory. Since the affected code is the temporary directory creation mechanism that Ruby applications rely on for safe temporary file handling, any application that uses Ruby's built-in temporary file management is exposed.

Operationally, the vulnerability is a significant risk for Ruby applications that use the affected tmpdir library. An attacker who controls the prefix can create temporary directories or files in arbitrary locations on the system, which can lead to privilege escalation, data corruption, or information disclosure. The risk is greatest in web applications where user input reaches temporary directory creation, since a remote attacker could then manipulate the file system and compromise application integrity and system security. Organizations running Ruby in the affected version ranges are exposed to attackers who could use the flaw to establish persistent access or cause system-wide disruption.

Mitigation of CVE-2018-6914 consists primarily of upgrading to a Ruby release that ships the patched tmpdir library: 2.2.10, 2.3.7, 2.4.4, 2.5.1, or later. In addition, applications should validate any user-supplied prefix before passing it to temporary directory creation methods, and security monitoring should watch for suspicious path manipulation patterns and unauthorized directory creation. The weakness is classified as CWE-22 (directory traversal) and is mapped in the MITRE ATT&CK framework to T1059 (command and scripting interpreter), particularly where attackers use directory traversal to establish persistence or escalate privileges within Ruby-based applications.
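As an added example (not code from VulDB, MITRE or Ruby's own tmpdir library), the following Ruby wrapper implements the prefix validation recommended above and backs it with a containment check on the directory Dir.mktmpdir actually created; the allowlist pattern and the 64-character bound are choices of this example, not anything Ruby mandates.

```ruby
require "tmpdir"
require "fileutils"

# Wrapper for code paths that must accept an untrusted prefix for
# Dir.mktmpdir. Two independent checks: an allowlist on the prefix (the
# input validation the analysis recommends) and a post-creation check that
# the resulting directory really lives under the intended parent.
module SafeTmpdir
  # Letters, digits, underscore and hyphen only: no dots and no separators,
  # so neither ".." nor an absolute path can pass. The 1..64 length bound is
  # a limit chosen for this example.
  PREFIX_PATTERN = /\A[A-Za-z0-9_-]{1,64}\z/

  def self.safe_prefix?(prefix)
    prefix.is_a?(String) && PREFIX_PATTERN.match?(prefix)
  end

  # True when `child` resolves (symlinks included) to a path below `parent`.
  def self.inside?(parent, child)
    parent = File.realpath(parent)
    child  = File.realpath(child)
    child.start_with?(parent + File::SEPARATOR)
  end

  # Drop-in for Dir.mktmpdir(prefix, tmpdir): rejects unsafe prefixes up
  # front, then refuses to hand back a directory that landed outside tmpdir.
  # With a block, the directory is removed when the block returns.
  def self.mktmpdir(prefix, tmpdir = Dir.tmpdir)
    unless safe_prefix?(prefix)
      raise ArgumentError, "rejected temp dir prefix: #{prefix.inspect}"
    end
    path = Dir.mktmpdir(prefix, tmpdir)
    unless inside?(tmpdir, path)
      # Defence in depth: unreachable after validation on a correct tmpdir.
      FileUtils.remove_entry(path, true)
      raise SecurityError, "temporary directory escaped #{tmpdir}: #{path}"
    end
    return path unless block_given?
    begin
      yield path
    ensure
      FileUtils.remove_entry(path, true)
    end
  end
end
```

`SafeTmpdir.mktmpdir("job") { |d| ... }` behaves like the block form of Dir.mktmpdir, while `SafeTmpdir.mktmpdir("../escape")` raises ArgumentError before any directory is created.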

Reservation: 02/12/2018
Disclosure: 04/03/2018
Moderation: accepted
Entry: 2
CPE: ready
EPSS: 0.02372
KEV: no
Activities: very low
