CVE-2023-0481

LOW Year: 2023
CVSS v3 Score
3.3
Low
Weakness Type
CWE-378
View all →

Vulnerability Description

In RestEasy Reactive implementation of Quarkus the insecure File.createTempFile() is used in the FileBodyHandler class which creates temp files with insecure permissions that could be read by a local user.

Related Vulnerabilities

CVE-2020-8908

LOW
CVSS:3.3(Low)

A temp directory creation vulnerability exists in all versions of Guava, allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava API co...

CWE-3782020

CVE-2021-21331

LOW
CVSS:3.3(Low)

The Java client for the Datadog API before version 1.0.0-beta.9 has a local information disclosure of sensitive information downloaded via the API using the API Client. The Datadog API is executed on ...

CWE-3782021

CVE-2023-27408

LOW
CVSS:3.3(Low)

A vulnerability has been identified in SCALANCE LPE9403 (All versions < V2.1). The `i2c` mutex file is created with the permissions bits of `-rw-rw-rw-`. This file is used as a mutex for multiple appl...

CWE-3782023

CVE-2024-52543

MEDIUM
CVSS:4.4(Medium)

Dell NativeEdge, version(s) 2.1.0.0, contain(s) a Creation of Temporary File With Insecure Permissions vulnerability. A high privileged attacker with local access could potentially exploit this vulner...

CWE-3782024

CVE-2024-39872

CRITICAL
CVSS:9.9(Critical)

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). The affected application does not properly assign rights to temporary files created during its update pro...

CWE-3782024

CVE-2025-27148

HIGH
CVSS:8.8(High)

Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. On Unix-like systems, the system temporary directory can be created with open permissions that a...

CWE-3782025