In RESTEasy the insecure File.createTempFile() is used in the DataSourceProvider, FileProvider and Mime4JWorkaround classes which creates temp files with insecure permissions that could be read by a local user.
References
Configurations
History
27 Apr 2023, 15:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
01 Mar 2023, 13:44
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:redhat:resteasy:*:*:*:*:*:*:*:* | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.5 |
References | (MISC) https://github.com/resteasy/resteasy/pull/3409/commits/807d7456f2137cde8ef7c316707211bf4e542d56 - Patch | |
CWE | NVD-CWE-Other |
21 Feb 2023, 14:50
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-02-17 22:15
Updated : 2024-02-04 23:14
NVD link : CVE-2023-0482
Mitre link : CVE-2023-0482
CVE.ORG link : CVE-2023-0482
JSON object : View
Products Affected
redhat
- resteasy
CWE