VYPR

rpm package

opensuse/ruby3.2-rubygem-rails-7.0&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/ruby3.2-rubygem-rails-7.0&distro=openSUSE%20Tumbleweed

Vulnerabilities (1)

  • CVE-2023-38037MedJan 9, 2025
    affected < 7.0.8-1.1fixed 7.0.8-1.1

    ActiveSupport::EncryptedFile writes contents that will be encrypted to a temporary file. The temporary file's permissions are defaulted to the user's current `umask` settings, meaning that it's possible for other users on the same system to read the contents of the temporary