Количество 2
Количество 2
CVE-2021-28099
In Netflix OSS Hollow, since the Files.exists(parent) is run before creating the directories, an attacker can pre-create these directories with wide permissions. Additionally, since an insecure source of randomness is used, the file names to be created can be deterministically calculated.
GHSA-9295-mhf3-v33m
Insecure temporary file in Netflix OSS Hollow
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2021-28099 In Netflix OSS Hollow, since the Files.exists(parent) is run before creating the directories, an attacker can pre-create these directories with wide permissions. Additionally, since an insecure source of randomness is used, the file names to be created can be deterministically calculated. | CVSS3: 4.4 | 0% Низкий | почти 5 лет назад |
| GHSA-9295-mhf3-v33m Insecure temporary file in Netflix OSS Hollow | CVSS3: 4.4 | 0% Низкий | почти 5 лет назад |
Уязвимостей на страницу