Описание
In RestEasy Reactive implementation of Quarkus the insecure File.createTempFile() is used in the FileBodyHandler class which creates temp files with insecure permissions that could be read by a local user.
Дополнительная информация
Статус:
Low
Дефект:
CWE-378
https://bugzilla.redhat.com/show_bug.cgi?id=2163533quarkus: insecure permissions on temp files
EPSS
Процентиль: 12%
0.0004
Низкий
5.3 Medium
CVSS3
Связанные уязвимости
CVSS3: 3.3
nvd
почти 3 года назад
In RestEasy Reactive implementation of Quarkus the insecure File.createTempFile() is used in the FileBodyHandler class which creates temp files with insecure permissions that could be read by a local user.
CVSS3: 3.3
github
почти 3 года назад
RestEasy Reactive implementation of Quarkus allows Creation of Temporary File With Insecure Permissions
EPSS
Процентиль: 12%
0.0004
Низкий
5.3 Medium
CVSS3