Creation of Temporary File in Directory with Insecure Permissions

Overview OpenTelemetry.Exporter.OpenTelemetryProtocol is an OTLP Exporter for OpenTelemetry .NET. Affected versions of this package are vulnerable to Creation of Temporary File in Directory with Insecure Permissions in the ExperimentalOptions used in handling disk retry storage for telemetry data...

PT-2023-21409 · Jenkins · Jenkins

Name of the Vulnerable Software and Affected Versions: Jenkins versions 2.393 and earlier Jenkins LTS versions 2.375.3 and earlier Description: The issue arises when uploading a file parameter through the CLI, as Jenkins creates a temporary file in the default temporary directory with default...

netty: Information disclosure via the local system temporary directory

In Netty there is a vulnerability on Unix-like systems involving an insecure temp file. When netty's multipart decoders are used, a local information disclosure can occur via the local system temporary directory if temporary storing uploads on the disk is enabled. On unix-like systems, the...

Eclipse Jetty Access Control Error Vulnerability

Eclipse Jetty is the Eclipse Foundation of an open source , Java-based Web server and Java Servlet container . A security vulnerability exists in Eclipse Jetty that originates when a system's temporary directory is shared among all users on that system. Concurrent users could observe the creation...

Ubuntu 5.10 / 6.06 LTS / 6.10 : mutt vulnerabilities (USN-373-1)

Race conditions were discovered in mutt's handling of temporary files. Under certain conditions when using a shared temp directory the default, other local users could overwrite arbitrary files owned by the user running mutt. This vulnerability is more likely when the temp directory is over NFS...