Symlink Attack Affecting rubocop package, versions <0.36.0, >=0.34.0
Snyk CVSS
Attack Complexity
Low
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-RUBY-RUBOCOP-20460
- published 25 Dec 2017
- disclosed 8 Dec 2015
- credit Ari Pollak
How to fix?
Upgrade rubocop
to version 0.36.0 or higher.
Overview
rubocop
is an automatic Ruby code style checking tool.
Aims to enforce the community-driven Ruby Style Guide.
Affected versions of the package are vulnerable to Symlink Attack.