globalpomutils-fileresources is vulnerable to Insecure Temporary Files. The vulnerability exists due to the File.createTempFile
function in the createTmpDir
method of FileResourceManagerProvider.java
, which creates a temporary directory with default permissions. This directory has READ all permissions, allowing an attacker access to potentially sensitive files, which results in Sensitive Information Disclosure.
CPE | Name | Operator | Version |
---|---|---|---|
global pom utilities :: file resources manager | le | 4.5.0 | |
global pom utilities :: file resources manager | le | 4.5.0 |