VYPR

rpm package

suse/rubygem-activesupport-5.2&distro=SUSE Package Hub 15 SP5

pkg:rpm/suse/rubygem-activesupport-5.2&distro=SUSE%20Package%20Hub%2015%20SP5

Vulnerabilities (1)

  • CVE-2023-38037MedJan 9, 2025
    affected < 5.2.3-bp155.3.5.1fixed 5.2.3-bp155.3.5.1

    ActiveSupport::EncryptedFile writes contents that will be encrypted to a temporary file. The temporary file's permissions are defaulted to the user's current `umask` settings, meaning that it's possible for other users on the same system to read the contents of the temporary