guava: insecure temporary directory creation

A flaw was found in Guava. The methodology for temporary directories and files can allow other local users or apps with accordant permissions to access the temp files, possibly leading to information exposure or tampering in the files created in the directory...

UBUNTU-CVE-2023-2976

Use of Java's default temporary directory for file creation in FileBackedOutputStream in Google Guava versions 1.0 to 31.1 on Unix systems and Android Ice Cream Sandwich allows other users and apps on the machine with access to the default Java temporary directory to be able to access the files...

The vulnerability of the Files.createTempDir() implementation in the Java libraries of Google Guava allows a malicious actor to gain unauthorized access to protected information.

The vulnerability of the Files.createTempDir function implementation in the Java libraries of Google Guava is related to the incorrect assignment of permissions for the temporary file directory. Exploiting this vulnerability may allow an attacker to gain unauthorized access to protected informati...

DEBIAN-CVE-2020-8908

A temp directory creation vulnerability exists in all versions of Guava, allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava API com.google.common.io.Files.createTempDir. By default, on unix-like systems, the created directory i...

Security Bulletin: Vulnerability in IBM WebSphere Application Server Liberty affects IBM Watson Compare and Comply on IBM Cloud Private

Summary There is a potential denial of service with the Google Guava library that is used in WebSphere Application Server Liberty which in turn is used by IBM Watson™ Compare and Comply on IBM Cloud Private. Vulnerability Details CVEID: CVE-2018-10237 DESCRIPTION: Google Guava is vulnerable to a...