0.0004 Low
EPSS
Percentile
12.6%
com.netflix.hollow uses an insecure temporary file. An attacker with the ability to create directories and set permissions on the local filesystem could pre-create this directory and read or modify anything written there by the Hollow process.
github.com/advisories/GHSA-9295-mhf3-v33m
github.com/Netflix/security-bulletins/blob/master/advisories/nflx-2021-001.md