Описание
In RESTEasy the insecure File.createTempFile() is used in the DataSourceProvider, FileProvider and Mime4JWorkaround classes which creates temp files with insecure permissions that could be read by a local user.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| A-MQ Clients 2 | RESTEasy | Fix deferred | ||
| Migration Toolkit for Runtimes | org.keycloak-keycloak-parent | Affected | ||
| Red Hat A-MQ Online | RESTEasy | Fix deferred | ||
| Red Hat build of Apicurio Registry 2 | RESTEasy | Affected | ||
| Red Hat build of Quarkus | org.jboss.resteasy/resteasy-core | Not affected | ||
| Red Hat Data Grid 8 | RESTEasy | Not affected | ||
| Red Hat Enterprise Linux 8 | resteasy | Fix deferred | ||
| Red Hat Enterprise Linux 9 | resteasy | Fix deferred | ||
| Red Hat Fuse 7 | RESTEasy | Fix deferred | ||
| Red Hat Integration Camel K 1 | RESTEasy | Not affected |
Показывать по
Дополнительная информация
Статус:
EPSS
5.3 Medium
CVSS3
Связанные уязвимости
In RESTEasy the insecure File.createTempFile() is used in the DataSourceProvider, FileProvider and Mime4JWorkaround classes which creates temp files with insecure permissions that could be read by a local user.
In RESTEasy the insecure File.createTempFile() is used in the DataSourceProvider, FileProvider and Mime4JWorkaround classes which creates temp files with insecure permissions that could be read by a local user.
In RESTEasy the insecure File.createTempFile() is used in the DataSour ...
EPSS
5.3 Medium
CVSS3