2 matches found
CVE-2021-22572
CVE-2021-22572 concerns a data disclosure in Unix-like environments where the system temporary directory is shared among users. The root cause is that File.createTempFile creates files in the system tmp directory with world-readable permissions, allowing any local user to view sensitive data writ...
CVE-2021-22572 Data-transfer-project information disclosure via tmp directory
On unix-like systems, the system temporary directory is shared between all users on that system. The root cause is File.createTempFile creates files in the the system temporary directory with world readable permissions. Any sensitive information written to theses files is visible to all other loc...