Описание
RestEasy Reactive implementation of Quarkus allows Creation of Temporary File With Insecure Permissions
In RestEasy Reactive implementation of Quarkus the insecure File.createTempFile() is used in the FileBodyHandler class which creates temp files with insecure permissions that could be read by a local user.
Пакеты
io.quarkus.resteasy.reactive:resteasy-reactive-common
< 3.0.0.Alpha4
3.0.0.Alpha4
Связанные уязвимости
In RestEasy Reactive implementation of Quarkus the insecure File.createTempFile() is used in the FileBodyHandler class which creates temp files with insecure permissions that could be read by a local user.
In RestEasy Reactive implementation of Quarkus the insecure File.createTempFile() is used in the FileBodyHandler class which creates temp files with insecure permissions that could be read by a local user.