Unrated severityNVD Advisory· Published Mar 4, 2021· Updated Aug 3, 2024
CVE-2021-24031
CVE-2021-24031
Description
In the Zstandard command-line utility prior to v1.4.1, output files were created with default permissions. Correct file permissions (matching the input) would only be set at completion time. Output files could therefore be readable or writable to unintended parties.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5- osv-coords3 versionspkg:rpm/opensuse/zstd&distro=openSUSE%20Leap%2015.2pkg:rpm/suse/zstd&distro=SUSE%20Linux%20Enterprise%20Micro%205.0pkg:rpm/suse/zstd&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP2
< 1.4.4-lp152.2.3.1+ 2 more
- (no CPE)range: < 1.4.4-lp152.2.3.1
- (no CPE)range: < 1.4.4-1.6.1
- (no CPE)range: < 1.4.4-1.6.1
- Facebook/Zstandardv5Range: unspecified
Patches
Vulnerability mechanics
References
3- bugs.debian.org/cgi-bin/bugreport.cgimitrex_refsource_MISC
- github.com/facebook/zstd/issues/1630mitrex_refsource_MISC
- www.facebook.com/security/advisories/cve-2021-24031mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.