CVE-2013-4318: /tmp file injection vulnerability

September 9, 2013

A malicious user creating /tmp/out.html first and repeatedly writing to it can inject malicious html into the file right before it is opened. PoC: nobody () sp0rk:/$ while (true); do echo “ alert(‘Hello’); ” » /tmp/out.html; done Will pop up a javascript alert in other gem users browser.

References

seclists.org/oss-sec/2013/q3/571

Detect and mitigate CVE-2013-4318 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →