Lucene search

K
prionPRIOn knowledge basePRION:CVE-2021-28099
HistoryMar 23, 2021 - 9:15 p.m.

Design/Logic Flaw

2021-03-2321:15:00
PRIOn knowledge base
www.prio-n.com
3

4.7 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.6%

In Netflix OSS Hollow, since the Files.exists(parent) is run before creating the directories, an attacker can pre-create these directories with wide permissions. Additionally, since an insecure source of randomness is used, the file names to be created can be deterministically calculated.

4.7 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.6%

Related for PRION:CVE-2021-28099