Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:38861
HistoryJan 13, 2023 - 2:19 a.m.

Information Disclosure

2023-01-1302:19:42
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6
information disclosure
vulnerability
java-merge-sort
file.createtempfile()
stdtempfileprovider.java
posix permissions
sensitive information

0.0004 Low

EPSS

Percentile

15.5%

JSON

java-merge-sort is vulnerable to information disclosure. The vulnerability exists because the File.createTempFile() in the provide function of StdTempFileProvider.java does not properly set the correct POSIX permissions, allowing an attacker to gain sensitive information through the temporary file contents.

Related

cve 1
osv 2
nvd 1
prion 1
cvelist 1
github 1
cve
cve
CVE-2022-24913
2023-01-12 05:15:11
osv
osv
CVE-2022-24913
2023-01-12 05:15:11
Java Merge-sort Insecure Temporary File vulnerability
2023-01-12 06:30:24
nvd
nvd
CVE-2022-24913
2023-01-12 05:15:11
prion
prion
Session fixation
2023-01-12 05:15:00
cvelist
cvelist
CVE-2022-24913
2023-01-12 05:00:01
github
github
Java Merge-sort Insecure Temporary File vulnerability
2023-01-12 06:30:24

0.0004 Low

EPSS

Percentile

15.5%

JSON
Related for VERACODE:38861
cve1osv2nvd1prion1cvelist1github1