3 matches found
CVE-2020-8908
CVE-2020-8908 (Guava) : A temp directory creation vulnerability exists in all Guava versions where guava’s API com.google.common.io.Files.createTempDir() creates temporary directories that are world-readable on Unix-like systems. The issue arises because the temp dir permissions are not restricte...
CVE-2023-2976
The CVE-2023-2976 issue affects Google Guava’s FileBackedOutputStream in versions 1.0–31.1, where files created in the default Java temporary directory on Unix and Android ICS can be accessed by other users/apps. The NVD notes the vulnerability could expose data with high impact to confidentialit...
CVE-2018-10237
CVE-2018-10237 affects Google Guava 11.0–24.x before 24.1.1. Unbounded memory allocation occurs during Java serialization of AtomicDoubleArray and GWT serialization of CompoundOrdering, enabling potential denial-of-service via memory exhaustion. Root cause is eager allocation without checks on cl...