java-merge-sort is vulnerable to information disclosure. The vulnerability exists because the File.createTempFile()
in the provide
function of StdTempFileProvider.java
does not properly set the correct POSIX permissions, allowing an attacker to gain sensitive information through the temporary file contents.
CPE | Name | Operator | Version |
---|---|---|---|
java-merge-sort | le | 1.0.2 | |
java-merge-sort | le | 1.0.2 |