Ruby/rubocop/0.48.1
RuboCop is a Ruby code style checking and code formatting tool. It aims to enforce the community-driven Ruby Style Guide.
https://rubygems.org/gems/rubocop
MIT
2 Security Vulnerabilities
RuboCop gem Insecure use of /tmp
Published date: 2017-11-15T20:39:47Z
CVE: CVE-2017-8418
Links:
- https://nvd.nist.gov/vuln/detail/CVE-2017-8418
- https://github.com/advisories/GHSA-wmjf-jpjj-9f3j
- https://github.com/bbatsov/rubocop/issues/4336
- http://www.openwall.com/lists/oss-security/2017/05/01/14
- https://github.com/rubocop/rubocop/commit/dcb258fabd5f2624c1ea0e1634763094590c09d7
- https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rubocop/CVE-2017-8418.yml
RuboCop 0.48.1 and earlier does not use /tmp in safe way, allowing local users to exploit this to tamper with cache files belonging to other users.
Affected versions:
["0.48.1", "0.48.0", "0.47.1", "0.47.0", "0.46.0", "0.45.0", "0.44.1", "0.44.0", "0.43.0", "0.42.0", "0.41.2", "0.41.1", "0.41.0", "0.40.0", "0.39.0", "0.38.0", "0.37.2", "0.37.1", "0.37.0", "0.36.0", "0.35.1", "0.35.0", "0.34.2", "0.34.1", "0.34.0", "0.33.0", "0.32.1", "0.32.0", "0.31.0", "0.30.1", "0.30.0", "0.29.1", "0.29.0", "0.28.0", "0.27.1", "0.27.0", "0.26.1", "0.26.0", "0.25.0", "0.24.1", "0.24.0", "0.23.0", "0.22.0", "0.21.0", "0.20.1", "0.20.0", "0.19.1", "0.19.0", "0.18.1", "0.18.0", "0.17.0", "0.16.0", "0.15.0", "0.14.1", "0.14.0", "0.13.1", "0.13.0", "0.12.0", "0.11.1", "0.11.0", "0.10.0", "0.9.1", "0.9.0", "0.8.3", "0.8.2", "0.8.1", "0.8.0", "0.7.2", "0.7.1", "0.7.0", "0.6.1", "0.6.0", "0.5.0", "0.4.6", "0.4.5", "0.4.4", "0.4.3", "0.4.2", "0.4.1", "0.4.0", "0.3.2", "0.3.1", "0.3.0", "0.2.1", "0.2.0", "0.1.0", "0.0.0"]
Secure versions:
[1.2.0, 1.1.0, 1.0.0, 0.93.1, 0.93.0, 0.92.0, 0.91.1, 0.91.0, 0.90.0, 0.89.1, 0.89.0, 0.88.0, 0.87.1, 0.87.0, 0.86.0, 0.85.1, 0.85.0, 0.84.0, 0.83.0, 0.82.0, 0.81.0, 0.80.1, 0.80.0, 0.79.0, 0.78.0, 0.77.0, 0.76.0, 0.75.1, 0.75.0, 0.74.0, 0.73.0, 0.72.0, 0.71.0, 0.70.0, 0.69.0, 0.68.1, 0.68.0, 0.67.2, 0.67.1, 0.67.0, 0.66.0, 0.65.0, 0.64.0, 0.63.1, 0.63.0, 0.62.0, 0.61.1, 0.61.0, 0.60.0, 0.59.2, 0.59.1, 0.59.0, 0.58.2, 0.58.1, 0.58.0, 0.57.2, 0.57.1, 0.57.0, 0.56.0, 0.55.0, 0.54.0, 0.53.0, 0.52.1, 0.52.0, 0.51.0, 0.50.0, 0.49.1, 0.49.0, 1.3.0, 1.3.1, 1.4.0, 1.4.1, 1.4.2, 1.5.0, 1.5.1, 1.5.2, 1.6.0, 1.6.1, 1.7.0, 1.8.0, 1.8.1, 1.9.0, 1.9.1, 1.10.0, 1.11.0, 1.12.0, 1.12.1, 1.13.0, 1.14.0, 1.15.0, 1.16.0, 1.16.1, 1.17.0, 1.18.0, 1.18.1, 1.18.2, 1.18.3, 1.18.4, 1.19.0, 1.19.1, 1.20.0, 1.21.0, 1.22.0, 1.22.1, 1.22.2, 1.22.3, 1.23.0, 1.24.0, 1.24.1, 1.25.0, 1.25.1, 1.26.0, 1.26.1, 1.27.0, 1.28.0, 1.28.1, 1.28.2, 1.29.0, 1.29.1, 1.30.0, 1.30.1, 1.31.0, 1.31.1, 1.31.2, 1.32.0, 1.33.0, 1.34.0, 1.34.1, 1.35.0, 1.35.1, 1.36.0, 1.37.0, 1.37.1, 1.38.0, 1.39.0, 1.40.0, 1.41.0, 1.41.1, 1.42.0, 1.43.0, 1.44.0, 1.44.1, 1.45.0, 1.45.1, 1.46.0, 1.47.0, 1.48.0, 1.48.1, 1.49.0, 1.50.0, 1.50.1, 1.50.2, 1.51.0, 1.52.0, 1.52.1, 1.53.0, 1.53.1, 1.54.0, 1.54.1, 1.54.2, 1.55.0, 1.55.1, 1.56.0, 1.56.1, 1.56.2, 1.56.3, 1.56.4, 1.57.0, 1.57.1, 1.57.2, 1.58.0, 1.59.0, 1.60.0, 1.60.1, 1.60.2, 1.61.0, 1.62.0, 1.62.1, 1.63.0, 1.63.1, 1.63.2, 1.63.3, 1.63.4, 1.63.5, 1.64.0, 1.64.1, 1.65.0, 1.65.1, 1.66.0, 1.66.1, 1.67.0, 1.68.0]
Recommendation:
Update to version 1.68.0.
RuboCop gem Insecure use of /tmp
Published date: 2017-05-01
CVE: 2017-8418
CVSS V2: 2.1
CVSS V3: 3.3
RuboCop 0.48.1 and earlier does not use /tmp in safe way, allowing local users to exploit this to tamper with cache files belonging to other users.
Affected versions:
["0.48.1", "0.48.0", "0.47.1", "0.47.0", "0.46.0", "0.45.0", "0.44.1", "0.44.0", "0.43.0", "0.42.0", "0.41.2", "0.41.1", "0.41.0", "0.40.0", "0.39.0", "0.38.0", "0.37.2", "0.37.1", "0.37.0", "0.36.0", "0.35.1", "0.35.0", "0.34.2", "0.34.1", "0.34.0", "0.33.0", "0.32.1", "0.32.0", "0.31.0", "0.30.1", "0.30.0", "0.29.1", "0.29.0", "0.28.0", "0.27.1", "0.27.0", "0.26.1", "0.26.0", "0.25.0", "0.24.1", "0.24.0", "0.23.0", "0.22.0", "0.21.0", "0.20.1", "0.20.0", "0.19.1", "0.19.0", "0.18.1", "0.18.0", "0.17.0", "0.16.0", "0.15.0", "0.14.1", "0.14.0", "0.13.1", "0.13.0", "0.12.0", "0.11.1", "0.11.0", "0.10.0", "0.9.1", "0.9.0", "0.8.3", "0.8.2", "0.8.1", "0.8.0", "0.7.2", "0.7.1", "0.7.0", "0.6.1", "0.6.0", "0.5.0", "0.4.6", "0.4.5", "0.4.4", "0.4.3", "0.4.2", "0.4.1", "0.4.0", "0.3.2", "0.3.1", "0.3.0", "0.2.1", "0.2.0", "0.1.0", "0.0.0"]
Secure versions:
[1.2.0, 1.1.0, 1.0.0, 0.93.1, 0.93.0, 0.92.0, 0.91.1, 0.91.0, 0.90.0, 0.89.1, 0.89.0, 0.88.0, 0.87.1, 0.87.0, 0.86.0, 0.85.1, 0.85.0, 0.84.0, 0.83.0, 0.82.0, 0.81.0, 0.80.1, 0.80.0, 0.79.0, 0.78.0, 0.77.0, 0.76.0, 0.75.1, 0.75.0, 0.74.0, 0.73.0, 0.72.0, 0.71.0, 0.70.0, 0.69.0, 0.68.1, 0.68.0, 0.67.2, 0.67.1, 0.67.0, 0.66.0, 0.65.0, 0.64.0, 0.63.1, 0.63.0, 0.62.0, 0.61.1, 0.61.0, 0.60.0, 0.59.2, 0.59.1, 0.59.0, 0.58.2, 0.58.1, 0.58.0, 0.57.2, 0.57.1, 0.57.0, 0.56.0, 0.55.0, 0.54.0, 0.53.0, 0.52.1, 0.52.0, 0.51.0, 0.50.0, 0.49.1, 0.49.0, 1.3.0, 1.3.1, 1.4.0, 1.4.1, 1.4.2, 1.5.0, 1.5.1, 1.5.2, 1.6.0, 1.6.1, 1.7.0, 1.8.0, 1.8.1, 1.9.0, 1.9.1, 1.10.0, 1.11.0, 1.12.0, 1.12.1, 1.13.0, 1.14.0, 1.15.0, 1.16.0, 1.16.1, 1.17.0, 1.18.0, 1.18.1, 1.18.2, 1.18.3, 1.18.4, 1.19.0, 1.19.1, 1.20.0, 1.21.0, 1.22.0, 1.22.1, 1.22.2, 1.22.3, 1.23.0, 1.24.0, 1.24.1, 1.25.0, 1.25.1, 1.26.0, 1.26.1, 1.27.0, 1.28.0, 1.28.1, 1.28.2, 1.29.0, 1.29.1, 1.30.0, 1.30.1, 1.31.0, 1.31.1, 1.31.2, 1.32.0, 1.33.0, 1.34.0, 1.34.1, 1.35.0, 1.35.1, 1.36.0, 1.37.0, 1.37.1, 1.38.0, 1.39.0, 1.40.0, 1.41.0, 1.41.1, 1.42.0, 1.43.0, 1.44.0, 1.44.1, 1.45.0, 1.45.1, 1.46.0, 1.47.0, 1.48.0, 1.48.1, 1.49.0, 1.50.0, 1.50.1, 1.50.2, 1.51.0, 1.52.0, 1.52.1, 1.53.0, 1.53.1, 1.54.0, 1.54.1, 1.54.2, 1.55.0, 1.55.1, 1.56.0, 1.56.1, 1.56.2, 1.56.3, 1.56.4, 1.57.0, 1.57.1, 1.57.2, 1.58.0, 1.59.0, 1.60.0, 1.60.1, 1.60.2, 1.61.0, 1.62.0, 1.62.1, 1.63.0, 1.63.1, 1.63.2, 1.63.3, 1.63.4, 1.63.5, 1.64.0, 1.64.1, 1.65.0, 1.65.1, 1.66.0, 1.66.1, 1.67.0, 1.68.0]
Recommendation:
Update to version 1.68.0.
279 Other Versions
Version | License | Security | Released | |
---|---|---|---|---|
1.16.1 | MIT | 2021-06-09 - 10:46 | over 3 years | |
1.16.0 | MIT | 2021-06-01 - 07:05 | over 3 years | |
1.15.0 | MIT | 2021-05-17 - 07:17 | over 3 years | |
1.14.0 | MIT | 2021-05-05 - 07:54 | over 3 years | |
1.13.0 | MIT | 2021-04-20 - 08:04 | over 3 years | |
1.12.1 | MIT | 2021-04-04 - 13:59 | over 3 years | |
1.12.0 | MIT | 2021-03-24 - 13:37 | over 3 years | |
1.11.0 | MIT | 2021-03-01 - 07:52 | over 3 years | |
1.10.0 | MIT | 2021-02-15 - 13:10 | over 3 years | |
1.9.1 | MIT | 2021-02-01 - 07:37 | almost 4 years | |
1.9.0 | MIT | 2021-01-28 - 08:18 | almost 4 years | |
1.8.1 | MIT | 2021-01-11 - 11:18 | almost 4 years | |
1.8.0 | MIT | 2021-01-07 - 08:56 | almost 4 years | |
1.7.0 | MIT | 2020-12-25 - 07:22 | almost 4 years | |
1.6.1 | MIT | 2020-12-10 - 07:36 | almost 4 years | |
1.6.0 | MIT | 2020-12-09 - 12:10 | almost 4 years | |
1.5.2 | MIT | 2020-12-04 - 08:48 | almost 4 years | |
1.5.1 | MIT | 2020-12-02 - 16:00 | almost 4 years | |
1.5.0 | MIT | 2020-12-01 - 17:18 | almost 4 years | |
1.4.2 | MIT | 2020-11-25 - 08:13 | almost 4 years | |
1.4.1 | MIT | 2020-11-23 - 15:47 | almost 4 years | |
1.4.0 | MIT | 2020-11-23 - 09:00 | almost 4 years | |
1.3.1 | MIT | 2020-11-16 - 08:54 | almost 4 years | |
1.3.0 | MIT | 2020-11-12 - 08:03 | almost 4 years | |
1.2.0 | MIT | 2020-11-05 - 07:35 | about 4 years | |
1.1.0 | MIT | 2020-10-29 - 15:18 | about 4 years | |
1.0.0 | MIT | 2020-10-21 - 11:02 | about 4 years | |
0.93.1 | MIT | 2020-10-12 - 07:04 | about 4 years | |
0.93.0 | MIT | 2020-10-08 - 14:53 | about 4 years | |
0.92.0 | MIT | 2020-09-25 - 08:12 | about 4 years | |
0.91.1 | MIT | 2020-09-23 - 09:46 | about 4 years | |
0.91.0 | MIT | 2020-09-15 - 05:45 | about 4 years | |
0.90.0 | MIT | 2020-09-01 - 06:44 | about 4 years | |
0.89.1 | MIT | 2020-08-10 - 12:17 | about 4 years | |
0.89.0 | MIT | 2020-08-05 - 19:05 | over 4 years | |
0.88.0 | MIT | 2020-07-13 - 12:22 | over 4 years | |
0.87.1 | MIT | 2020-07-07 - 19:14 | over 4 years | |
0.87.0 | MIT | 2020-07-06 - 16:12 | over 4 years | |
0.86.0 | MIT | 2020-06-22 - 07:29 | over 4 years | |
0.85.1 | MIT | 2020-06-07 - 15:40 | over 4 years | |
0.85.0 | MIT | 2020-06-01 - 15:47 | over 4 years | |
0.84.0 | MIT | 2020-05-21 - 06:57 | over 4 years | |
0.83.0 | MIT | 2020-05-11 - 12:28 | over 4 years | |
0.82.0 | MIT | 2020-04-16 - 08:19 | over 4 years | |
0.81.0 | MIT | 2020-04-01 - 07:55 | over 4 years | |
0.80.1 | MIT | 2020-02-29 - 18:05 | over 4 years | |
0.80.0 | MIT | 2020-02-18 - 11:59 | over 4 years | |
0.79.0 | MIT | 2020-01-06 - 09:57 | almost 5 years | |
0.78.0 | MIT | 2019-12-18 - 20:51 | almost 5 years | |
0.77.0 | MIT | 2019-11-27 - 18:03 | almost 5 years | |
0.76.0 | MIT | 2019-10-28 - 14:54 | about 5 years | |
0.75.1 | MIT | 2019-10-14 - 16:58 | about 5 years | |
0.75.0 | MIT | 2019-09-30 - 17:05 | about 5 years | |
0.74.0 | MIT | 2019-07-31 - 19:12 | over 5 years | |
0.73.0 | MIT | 2019-07-16 - 08:57 | over 5 years | |
0.72.0 | MIT | 2019-06-25 - 14:36 | over 5 years | |
0.71.0 | MIT | 2019-05-30 - 13:53 | over 5 years | |
0.70.0 | MIT | 2019-05-21 - 10:26 | over 5 years | |
0.69.0 | MIT | 2019-05-13 - 08:57 | over 5 years | |
0.68.1 | MIT | 2019-04-30 - 19:46 | over 5 years | |
0.68.0 | MIT | 2019-04-29 - 13:53 | over 5 years | |
0.67.2 | MIT | 2019-04-05 - 07:54 | over 5 years | |
0.67.1 | MIT | 2019-04-04 - 17:13 | over 5 years | |
0.67.0 | MIT | 2019-04-04 - 15:23 | over 5 years | |
0.66.0 | MIT | 2019-03-18 - 09:27 | over 5 years | |
0.65.0 | MIT | 2019-02-19 - 08:43 | over 5 years | |
0.64.0 | MIT | 2019-02-10 - 13:54 | over 5 years | |
0.63.1 | MIT | 2019-01-22 - 03:02 | almost 6 years | |
0.63.0 | MIT | 2019-01-16 - 16:32 | almost 6 years | |
0.62.0 | MIT | 2019-01-01 - 08:40 | almost 6 years | |
0.61.1 | MIT | 2018-12-06 - 08:18 | almost 6 years | |
0.61.0 | MIT | 2018-12-05 - 12:42 | almost 6 years | |
0.60.0 | MIT | 2018-10-26 - 10:41 | about 6 years | |
0.59.2 | MIT | 2018-09-24 - 05:19 | about 6 years | |
0.59.1 | MIT | 2018-09-15 - 07:45 | about 6 years | |
0.59.0 | MIT | 2018-09-09 - 16:24 | about 6 years | |
0.58.2 | MIT | 2018-07-23 - 18:01 | over 6 years | |
0.58.1 | MIT | 2018-07-10 - 07:31 | over 6 years | |
0.58.0 | MIT | 2018-07-07 - 12:38 | over 6 years | |
0.57.2 | MIT | 2018-06-12 - 09:05 | over 6 years | |
0.57.1 | MIT | 2018-06-06 - 22:57 | over 6 years | |
0.57.0 | MIT | 2018-06-06 - 00:53 | over 6 years | |
0.56.0 | MIT | 2018-05-14 - 15:17 | over 6 years | |
0.55.0 | MIT | 2018-04-16 - 09:20 | over 6 years | |
0.54.0 | MIT | 2018-03-21 - 03:01 | over 6 years | |
0.53.0 | MIT | 2018-03-05 - 01:51 | over 6 years | |
0.52.1 | MIT | 2017-12-27 - 13:31 | almost 7 years | |
0.52.0 | MIT | 2017-12-12 - 13:56 | almost 7 years | |
0.51.0 | MIT | 2017-10-18 - 19:13 | about 7 years | |
0.50.0 | MIT | 2017-09-14 - 18:13 | about 7 years | |
0.49.1 | MIT | 2017-05-29 - 12:34 | over 7 years | |
0.49.0 | MIT | 2017-05-24 - 05:33 | over 7 years | |
0.48.1 | MIT | 2 | 2017-04-03 - 11:29 | over 7 years |
0.48.0 | MIT | 2 | 2017-03-26 - 09:53 | over 7 years |
0.47.1 | MIT | 2 | 2017-01-18 - 02:22 | almost 8 years |
0.47.0 | MIT | 2 | 2017-01-16 - 01:37 | almost 8 years |
0.46.0 | MIT | 2 | 2016-11-30 - 06:56 | almost 8 years |
0.45.0 | MIT | 2 | 2016-10-31 - 09:31 | about 8 years |
0.44.1 | MIT | 2 | 2016-10-13 - 14:55 | about 8 years |
0.44.0 | MIT | 2 | 2016-10-13 - 14:05 | about 8 years |