CVE-2014-0177
published 2014-05-27CVE-2014-0177: The am function in lib/hub/commands.rb in hub before 1.12.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary patch file.
PriorityP414low3.6CVSS 2.0
AVLACLAuNCNIPAP
EPSS
0.39%
30.5th percentile
The am function in lib/hub/commands.rb in hub before 1.12.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary patch file.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| github.com | github_hub | >= 0 < 1.12.1 | 1.12.1 |
| github | hub | <= 1.12.0 | — |
| insteon | hub | >= 0 < 1.12.1 | 1.12.1 |
CVSS provenance
nvdv2.03.6LOWAV:L/AC:L/Au:N/C:N/I:P/A:P
osv3.6LOW
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
Hub Package Arbitrary File Overwrite
osv·2022-02-15
CVE-2014-0177 [MEDIUM] Hub Package Arbitrary File Overwrite
Hub Package Arbitrary File Overwrite
The `am` function in `lib/hub/commands.rb` in hub before 1.12.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary patch file.
GHSA
Hub Package Arbitrary File Overwrite
ghsa·2022-02-15
CVE-2014-0177 [MEDIUM] CWE-377 Hub Package Arbitrary File Overwrite
Hub Package Arbitrary File Overwrite
The `am` function in `lib/hub/commands.rb` in hub before 1.12.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary patch file.
OSV
CVE-2014-0177: The am function in lib/hub/commands
osv·2014-05-27·CVSS 3.6
CVE-2014-0177 [LOW] CVE-2014-0177: The am function in lib/hub/commands
The am function in lib/hub/commands.rb in hub before 1.12.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary patch file.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2014-05-27
Published