Lucene search
+L

291 matches found

RedHat Linux
RedHat Linux
added 2024/02/13 5:7 p.m.7 views

guava: insecure temporary directory creation

A flaw was found in Guava. The methodology for temporary directories and files can allow other local users or apps with accordant permissions to access the temp files, possibly leading to information exposure or tampering in the files created in the directory...

7.1CVSS6.7AI score0.00248EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2024/02/13 4:55 p.m.4 views

guava: insecure temporary directory creation

A flaw was found in Guava. The methodology for temporary directories and files can allow other local users or apps with accordant permissions to access the temp files, possibly leading to information exposure or tampering in the files created in the directory...

7.1CVSS6.7AI score0.00248EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2024/02/13 4:55 p.m.5 views

guava: insecure temporary directory creation

A flaw was found in Guava. The methodology for temporary directories and files can allow other local users or apps with accordant permissions to access the temp files, possibly leading to information exposure or tampering in the files created in the directory...

7.1CVSS6.7AI score0.00248EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2024/02/13 4:55 p.m.9 views

guava: insecure temporary directory creation

A flaw was found in Guava. The methodology for temporary directories and files can allow other local users or apps with accordant permissions to access the temp files, possibly leading to information exposure or tampering in the files created in the directory...

7.1CVSS6.7AI score0.00248EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2024/02/13 4:16 p.m.32 views

Security Bulletin: IBM Workload Automation potentially affected by a vulnerability in Google Guava (CVE-2023-2976)

Summary IBM Workload Automation is potentially affected by a vulnerability found in Google Guava that can cause sensitive information disclosure. Vulnerability Details CVEID:CVE-2023-2976 DESCRIPTION: Google Guava could allow a local authenticated attacker to obtain sensitive information, caused ...

7.1CVSS5.9AI score0.00248EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/02/13 12:0 a.m.45 views

RHEL 8 : Red Hat Single Sign-On 7.6.7 security update on RHEL 8 (Important) (RHSA-2024:0799)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0799 advisory. Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single...

7.1CVSS7.2AI score0.0326EPSS
Exploits1References18
RedHat Linux
RedHat Linux
added 2024/02/12 10:38 a.m.4 views

guava: insecure temporary directory creation

A flaw was found in Guava. The methodology for temporary directories and files can allow other local users or apps with accordant permissions to access the temp files, possibly leading to information exposure or tampering in the files created in the directory...

7.1CVSS6.7AI score0.00248EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2024/02/12 10:27 a.m.4 views

guava: insecure temporary directory creation

A flaw was found in Guava. The methodology for temporary directories and files can allow other local users or apps with accordant permissions to access the temp files, possibly leading to information exposure or tampering in the files created in the directory...

7.1CVSS6.7AI score0.00248EPSS
Exploits0References4
Atlassian
Atlassian
added 2024/02/12 3:45 a.m.43 views

com.google.guava:guava Dependency in Jira Service Management Data Center and Server

This High severity com.google.guava:guava Dependency vulnerability was introduced in versions 4.20.0, 4.22.0, 5.0.0, 5.1.0, 5.2.0, 5.3.0, 5.4.0, 5.5.0, 5.6.0, 5.7.0, 5.8.0, 5.9.0, 5.10.0, 5.11.0, 5.12.0, and 5.13.0 of Jira Service Management Data Center and Server. This com.google.guava:guava...

7.1CVSS6.8AI score0.00248EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2024/02/05 9:11 p.m.31 views

Security Bulletin: IBM Spectrum Conductor with Google Guava versions 1.0 to 31.1 is vulnerable to access Java temporary directory

Summary IBM Spectrum Conductor with with Google Guava versions 1.0 to 31.1 is vulnerable to access Java temporary directory Vulnerability Details CVEID:CVE-2023-2976 DESCRIPTION: Google Guava could allow a local authenticated attacker to obtain sensitive information, caused by a flaw with using...

7.1CVSS6.1AI score0.00248EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/02/05 8:50 p.m.29 views

Security Bulletin: IBM Spectrum Symphony with Google Guava versions 1.0 to 31.1 is vulnerable to access Java temporary directory

Summary IBM Spectrum Symphony with with Google Guava versions 1.0 to 31.1 is vulnerable to access Java temporary directory Vulnerability Details CVEID:CVE-2023-2976 DESCRIPTION: Google Guava could allow a local authenticated attacker to obtain sensitive information, caused by a flaw with using...

7.1CVSS6.1AI score0.00248EPSS
Exploits0Affected Software1
Veracode
Veracode
added 2024/02/01 6:2 a.m.19 views

Information Disclosure

Spring Cloud Contract is vulnerable to Information Disclosure. The vulnerability is due to temporary directories created with insecure permissions due to the guava dependency...

5.5CVSS6.8AI score0.00223EPSS
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2024/01/31 9:30 a.m.25 views

Spring Cloud Contract vulnerable to local information disclosure

In Spring Cloud Contract, versions 4.1.x prior to 4.1.1, versions 4.0.x prior to 4.0.5, and versions 3.1.x prior to 3.1.10, test execution is vulnerable to local information disclosure via temporary directory created with unsafe permissions through the shaded com.google.guava:guava dependency in...

5.5CVSS6.6AI score0.00223EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2024/01/31 9:30 a.m.10 views

GHSA-P6RP-MX85-M459 Spring Cloud Contract vulnerable to local information disclosure

In Spring Cloud Contract, versions 4.1.x prior to 4.1.1, versions 4.0.x prior to 4.0.5, and versions 3.1.x prior to 3.1.10, test execution is vulnerable to local information disclosure via temporary directory created with unsafe permissions through the shaded com.google.guava:guava dependency in...

3.3CVSS6.1AI score0.00223EPSS
Exploits0References3
NVD
NVD
added 2024/01/31 7:15 a.m.33 views

CVE-2024-22236

In Spring Cloud Contract, versions 4.1.x prior to 4.1.1, versions 4.0.x prior to 4.0.5, and versions 3.1.x prior to 3.1.10, test execution is vulnerable to local information disclosure via temporary directory created with unsafe permissions through the shaded com.google.guava:guava dependency in...

5.5CVSS4.4AI score0.00223EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/01/31 6:54 a.m.38 views

CVE-2024-22236

In Spring Cloud Contract, versions 4.1.x prior to 4.1.1, versions 4.0.x prior to 4.0.5, and versions 3.1.x prior to 3.1.10, test execution is vulnerable to local information disclosure via temporary directory created with unsafe permissions through the shaded com.google.guava:guava dependency in...

3.3CVSS5.5AI score0.00223EPSS
Exploits0References1
OSV
OSV
added 2024/01/31 6:54 a.m.24 views

CVE-2024-22236

In Spring Cloud Contract, versions 4.1.x prior to 4.1.1, versions 4.0.x prior to 4.0.5, and versions 3.1.x prior to 3.1.10, test execution is vulnerable to local information disclosure via temporary directory created with unsafe permissions through the shaded com.google.guava:guava dependency in...

3.3CVSS6.6AI score0.00223EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/01/31 12:0 a.m.10 views

PT-2024-19288 · Google +1 · Guava +1

Name of the Vulnerable Software and Affected Versions: Spring Cloud Contract versions 3.1.x prior to 3.1.10 Spring Cloud Contract versions 4.0.x prior to 4.0.5 Spring Cloud Contract versions 4.1.x prior to 4.1.1 Description: The issue concerns local information disclosure via a temporary director...

5.5CVSS5.2AI score0.00223EPSS
Exploits0References11
Spring Security Advisories
Spring Security Advisories
added 2024/01/30 12:0 a.m.6 views

local information disclosure via temporary directory created with unsafe permissions

In Spring Cloud Contract, versions 4.1.x prior to 4.1.1, versions 4.0.x prior to 4.0.5, and versions 3.1.x prior to 3.1.10, test execution is vulnerable to local information disclosure via temporary directory created with unsafe permissions through the shaded com.google.guava:guava dependency in...

5.5CVSS6.2AI score0.00964EPSS
Exploits1References2
IBM Security Bulletins
IBM Security Bulletins
added 2024/01/24 2:2 p.m.34 views

Security Bulletin: IBM Disconnected Log Collector is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. This update addresses these CVEs. Vulnerability Details CVEID:CVE-2023-35116 DESCRIPTION: Fasterxml jackson-databind is vulnerable to a denial of service, caused...

7.5CVSS7.5AI score0.01762EPSS
Exploits3Affected Software1
Rows per page
Query Builder