CVE-2023-0482

Published

Last updated

NVD

https://nvd.nist.gov/vuln/detail/CVE-2023-0482

CGA ID

CGA-77c7-2245-fqh7

Severity

Unknown

Description

In RESTEasy the insecure File.createTempFile() is used in the DataSourceProvider, FileProvider and Mime4JWorkaround classes which creates temp files with insecure permissions that could be read by a local user.

References

https://images.chainguard.dev/security/CGA-77c7-2245-fqh7
https://github.com/advisories/GHSA-2c6g-pfx3-w7h8
https://security.netapp.com/advisory/ntap-20230427-0001/
https://github.com/resteasy/resteasy/pull/3409/commits/807d7456f2137cde8ef7c316707211bf4e542d56
https://security-tracker.debian.org/tracker/CVE-2023-0482

Affected packages

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.

Safe Source for Open Source™

Media Kit Contact Us

Private Policy

CVE-2023-0482

Severity

Description

References

Affected packages

Products

Why Chainguard

Customers

Company

Resources