@cve-notifications.bsky.social on Bluesky

JavaScript RequiredThis is a heavily interactive web application, and JavaScript is required. Simple HTML interfaces are possible, but that is not what this is. Learn more about Bluesky at bsky.social and atproto.com.

Post

CVE Sentinel

cve-notifications.bsky.social

did:plc:fmpxu5qaccixyxvvyzsllshl

ID: CVE-2023-38037 CVSS V3.0: MEDIUM ActiveSupport::EncryptedFile writes contents that will be encrypted to a temporary file. The temporary file's permissions are defaulted to the user's current `umask` settings, meaning that it's possible for other users on the ... #security #infosec #cve-alert https://nvd.nist.gov/vuln/detail/CVE-2023-38037

2025-01-09T01:15:47.865Z