VYPR
Unrated severityNVD Advisory· Published Nov 24, 2012· Updated Jun 16, 2026

CVE-2012-4522

CVE-2012-4522

Description

The rb_get_path_check function in file.c in Ruby 1.9.3 before patchlevel 286 and Ruby 2.0.0 before r37163 allows context-dependent attackers to create files in unexpected locations or with unexpected names via a NUL byte in a file path.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • Ruby Lang/Ruby3 versions
    cpe:2.3:a:ruby-lang:ruby:1.9.3:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:ruby-lang:ruby:1.9.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ruby-lang:ruby:2.0.0:*:*:*:*:*:*:*
    • (no CPE)range: 1.9.3 < patchlevel 286, 2.0.0 < r37163

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.