GMS-2011-3: Information Exposure

December 30, 2011

This package is vulnerable to Information Exposure. Permissions on a file were set only after writing a files content, which gives the attackers a window to obtain the file content.

References

github.com/yaybu/yaybu/blob/master/CHANGES
github.com/yaybu/yaybu/commit/7d07a4c7c0cea7379add71e4dd2457a766d5952a
github.com/yaybu/yaybu/issues/62

Code Behaviors & Features

Detect and mitigate GMS-2011-3 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →