CVE-2014-4994

Description

lib/gyazo/client.rb in the gyazo gem 1.0.0 for Ruby allows local users to write to arbitrary files via a symlink attack on a temporary file, related to time-based filenames.

CVSS Version 3.0
CVSS Version 2.0

nvd
CVE ID: CVE-2014-4994
Base Score: 5.5
Base Severity: MEDIUM
Vector String:CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

nvd
CVE ID: CVE-2014-4994
Base Score: 2.1
Base Severity: LOW
Vector String:AV:L/AC:L/Au:N/C:N/I:P/A:N

Refrence: NVD

Description​

Description