Low severity3.3NVD Advisory· Published May 2, 2017· Updated Jun 17, 2026
CVE-2017-8418
CVE-2017-8418
Description
RuboCop 0.48.1 and earlier does not use /tmp in safe way, allowing local users to exploit this to tamper with cache files belonging to other users.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
rubocopRubyGems | < 0.49.0 | 0.49.0 |
Affected products
2Patches
Vulnerability mechanics
References
6- www.openwall.com/lists/oss-security/2017/05/01/14nvdExploitMailing ListThird Party AdvisoryWEB
- github.com/bbatsov/rubocop/issues/4336nvdExploitThird Party AdvisoryWEB
- github.com/advisories/GHSA-wmjf-jpjj-9f3jghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2017-8418ghsaADVISORY
- github.com/rubocop/rubocop/commit/dcb258fabd5f2624c1ea0e1634763094590c09d7ghsaWEB
- github.com/rubysec/ruby-advisory-db/blob/master/gems/rubocop/CVE-2017-8418.ymlghsaWEB
News mentions
0No linked articles in our index yet.