Vulnerability

CVE-2020-8908

 Report advisory or correction

CVSS Score 3.3 low

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CWE

CWE-379

References

https://github.com/google/guava/issues/4011

[CVE-2020-8908] CWE-379: Creation of Temporary File in Directory with Incorrect Permissions

Description

guava - Creation of Temporary File in Directory with Insecure Permissions [CVE-2020-8908] The software creates a temporary file in a directory whose permissions allow unintended actors to determine the file's existence or otherwise access that file.

See com.google.guava/guava package information