Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:gem/ruby_parser@3.1.2
purl pkg:gem/ruby_parser@3.1.2
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-vspr-h3ds-dudq Incorrect temporary file usage The ruby_parser Gem does not create temporary files securely. In the `diff_pp` function contained in `lib/gauntlet_rubyparser.rb` function, it creates files as `/tmp/a.[pid]` and `/tmp/b.[pid]` which can be predicted and used for either a denial of service (file cannot be overwritten), or to change the contents of files that are writable. CVE-2013-0162
GHSA-8mvw-22r7-w6fq
OSV-90561

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-01T16:00:45.150616+00:00 GHSA Importer Fixing VCID-vspr-h3ds-dudq https://github.com/advisories/GHSA-8mvw-22r7-w6fq 38.0.0
2026-04-01T13:08:23.536922+00:00 GithubOSV Importer Fixing VCID-vspr-h3ds-dudq https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-8mvw-22r7-w6fq/GHSA-8mvw-22r7-w6fq.json 38.0.0
2026-04-01T12:46:48.387502+00:00 GitLab Importer Fixing VCID-vspr-h3ds-dudq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/ruby_parser/CVE-2013-0162.yml 38.0.0