CVE-2018-25068

CRITICAL Year: 2018
CVSS v3 Score
9.8
Critical
CVSS v2 Score
6.5
Medium
Weakness Type
CWE-377
View all →

Vulnerability Description

A vulnerability has been found in devent globalpom-utils up to 4.5.0 and classified as critical. This vulnerability affects the function createTmpDir of the file globalpomutils-fileresources/src/main/java/com/anrisoftware/globalpom/fileresourcemanager/FileResourceManagerProvider.java. The manipulation leads to insecure temporary file. The attack can be initiated remotely. Upgrading to version 4.5.1 is able to address this issue. The patch is identified as 77a820bac2f68e662ce261ecb050c643bd7ee560. It is recommended to upgrade the affected component. VDB-217570 is the identifier assigned to this vulnerability.

Related Vulnerabilities

CVE-2011-4119

CRITICAL
CVSS:9.8(Critical)

caml-light <= 0.75 uses mktemp() insecurely, and also does unsafe things in /tmp during make install.

CWE-3772011

CVE-2012-2666

CRITICAL
CVSS:9.8(Critical)

golang/go in 1.0.2 fixes all.bash on shared machines. dotest() in src/pkg/debug/gosym/pclntab_test.go creates a temporary file with predicable name and executes it as shell script.

CWE-3772012

CVE-2022-21809

CRITICAL
CVSS:9.9(Critical)

A file write vulnerability exists in the httpd upload.cgi functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted HTTP request can lead to arbitrary file upload. An attacker can uploa...

CWE-3772022

CVE-2013-4561

CRITICAL
CVSS:9.1(Critical)

In a openshift node, there is a cron job to update mcollective facts that mishandles a temporary file. This may lead to loss of confidentiality and integrity.

CWE-3772013

CVE-2018-16494

HIGH
CVSS:8.8(High)

In VOS and overly permissive "umask" may allow for authorized users of the server to gain unauthorized access through insecure file permissions that can result in an arbitrary read, write, or executio...

CWE-3772018

CVE-2022-0315

HIGH
CVSS:8.2(High)

Insecure Temporary File in GitHub repository horovod/horovod prior to 0.24.0.

CWE-3772022