CVE-2014-0177

The am function in lib/hub/commands.rb in hub before 1.12.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary patch file.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
3.6 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:N/I:P/A:P
redhatCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 34%
VendorProductVersion
githubhub
𝑥
≤ 1.12.0
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
nodejs
bionic
ignored
artful
ignored
zesty
ignored
yakkety
ignored
xenial
ignored
wily
ignored
vivid
ignored
utopic
ignored
trusty
ignored
saucy
ignored
precise
ignored
lucid
dne
Common Weakness Enumeration
References
http://secunia.com/advisories/58273
https://github.com/github/hub/commit/016ec99d25b1cb83cb4367e541177aa431beb600
http://secunia.com/advisories/58273
https://github.com/github/hub/commit/016ec99d25b1cb83cb4367e541177aa431beb600