40 matches found
EUVD-2021-0893
Malware in sbrugna...
EUVD-2023-1735
Malicious code in bioql PyPI...
EUVD-2023-0537
Malicious code in bioql PyPI...
CVE-2023-33695
Hutool v5.8.17 and below was discovered to contain an information disclosure vulnerability via the File.createTempFile function at /core/io/FileUtil.java...
CVE-2023-33695
Hutool v5.8.17 and below was discovered to contain an information disclosure vulnerability via the File.createTempFile function at /core/io/FileUtil.java...
CVE-2023-33695
Hutool v5.8.17 and below was discovered to contain an information disclosure vulnerability via the File.createTempFile function at /core/io/FileUtil.java...
CVE-2023-33695
Hutool v5.8.17 and below was discovered to contain an information disclosure vulnerability via the File.createTempFile function at /core/io/FileUtil.java...
CVE-2023-33695
CVE-2023-33695 affects Hutool Core v5.8.17 and earlier, where FileUtil.createTempFile() stores the temporary file with insecure default permissions, enabling information disclosure. Multiple sources (NVD, Red Hat, GHSA, OSV, Veracode, CNNVD) confirm the vulnerability in /core/io/FileUtil.java. No...
CVE-2023-33695
Hutool v5.8.17 and below was discovered to contain an information disclosure vulnerability via the File.createTempFile function at /core/io/FileUtil.java...
Incorrect Permission Assignment for Critical Resource
Hutool v5.8.17 and below was discovered to contain an information disclosure vulnerability via the File.createTempFile function at /core/io/FileUtil.java...
CVE-2023-0481
In RestEasy Reactive implementation of Quarkus the insecure File.createTempFile is used in the FileBodyHandler class which creates temp files with insecure permissions that could be read by a local user...
CVE-2023-0481
The CVE-2023-0481 issue affects the RestEasy Reactive implementation of Quarkus, where FileBodyHandler uses File.createTempFile() to create temporary files with insecure permissions that could be read by a local user. This is evidenced by multiple sources in the connected documents: Veracode note...
CVE-2023-0482
In RESTEasy the insecure File.createTempFile is used in the DataSourceProvider, FileProvider and Mime4JWorkaround classes which creates temp files with insecure permissions that could be read by a local user...
CVE-2023-0482
In RESTEasy the insecure File.createTempFile is used in the DataSourceProvider, FileProvider and Mime4JWorkaround classes which creates temp files with insecure permissions that could be read by a local user...
CVE-2023-0482
In RESTEasy the insecure File.createTempFile is used in the DataSourceProvider, FileProvider and Mime4JWorkaround classes which creates temp files with insecure permissions that could be read by a local user...
CVE-2023-0482
RESTEasy CVE-2023-0482 involves creation of insecure temporary files via File.createTempFile() in DataSourceProvider, FileProvider, and Mime4JWorkaround. This local-privilege escalation vulnerability can allow an authenticated local attacker to gain elevated privileges by reading or accessing ins...
Insecure Temporary File
globalpomutils-fileresources is vulnerable to Insecure Temporary Files. The vulnerability exists due to the File.createTempFile function in the createTmpDir method of FileResourceManagerProvider.java, which creates a temporary directory with default permissions. This directory has READ all...
Information Disclosure
java-merge-sort is vulnerable to information disclosure. The vulnerability exists because the File.createTempFile in the provide function of StdTempFileProvider.java does not properly set the correct POSIX permissions, allowing an attacker to gain sensitive information through the temporary file...
Java Merge-sort Insecure Temporary File vulnerability
Versions of the package com.fasterxml.util:java-merge-sort before 1.1.0 are vulnerable to Insecure Temporary File in the StdTempFileProvider function in StdTempFileProvider.java, which uses the permissive File.createTempFile function, exposing temporary file contents...
CVE-2022-24913
Versions of the package com.fasterxml.util:java-merge-sort before 1.1.0 are vulnerable to Insecure Temporary File in the StdTempFileProvider function in StdTempFileProvider.java, which uses the permissive File.createTempFile function, exposing temporary file contents...