VYPR

rpm package

opensuse/rubygem-activesupport-5.2&distro=openSUSE Leap 15.5

pkg:rpm/opensuse/rubygem-activesupport-5.2&distro=openSUSE%20Leap%2015.5

Vulnerabilities (1)

  • CVE-2023-38037MedJan 9, 2025
    affected < 5.2.3-bp155.3.5.1fixed 5.2.3-bp155.3.5.1

    ActiveSupport::EncryptedFile writes contents that will be encrypted to a temporary file. The temporary file's permissions are defaulted to the user's current `umask` settings, meaning that it's possible for other users on the same system to read the contents of the temporary