MidnightBSD

Advisories for gyazo_project

CVE-2014-4994 LOW

lib/gyazo/client.rb in the gyazo gem 1.0.0 for Ruby allows local users to write to arbitrary files via a symlink attack on a temporary file, related to time-based filenames.

CVSS 2.0

Severity: LOW

Problem Type: CWE-20,

Products Affected

Vendor Product Version
gyazo_project gyazo 1.0.0