VYPR

CWE-377

Insecure Temporary File

Class · Incomplete

Description

Creating and using insecure temporary files can leave application and system data vulnerable to attack.

Related attack patterns (CAPEC)

CAPEC-149 · CAPEC-155

CVEs mapped to this weakness (63)

  • CVE-2024-23287 · Med · Mar 8, 2024
    risk 0.36 · cvss 5.5 · epss 0.01

    A privacy issue was addressed with improved handling of temporary files. This issue is fixed in iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, watchOS 10.4. An app may be able to access user-sensitive data.

  • CVE-2017-7560 · Med · Sep 13, 2017
    risk 0.36 · cvss 5.5 · epss 0.00

    It was found that rhnsd PID files are created world-writable, which allows local attackers to fill the disks or to kill selected processes.

  • CVE-2024-34490 · Med · May 5, 2024
    risk 0.33 · cvss 5.1 · epss 0.00

    In Maxima through 5.47.0 before 51704c, the plotting facilities make use of predictable names under /tmp. Thus, the contents may be controlled by a local attacker who can create files in advance with these names. This affects, for example, plot2d.

  • CVE-2025-9474 · Med · Aug 26, 2025
    risk 0.29 · cvss 4.5 · epss 0.00

    A vulnerability was detected in Mihomo Party up to 1.8.1 on macOS. Affected is the function enableSysProxy of the file src/main/sys/sysproxy.ts of the component Socket Handler. The manipulation results in the creation of a temporary file with insecure permissions. The attack requires…

  • CVE-2023-38037 · Med · Jan 9, 2025
    risk 0.29 · cvss 5.5 · epss 0.00

    ActiveSupport::EncryptedFile writes contents that will be encrypted to a temporary file. The temporary file's permissions are defaulted to the user's current `umask` settings, meaning that it's possible for other users on the same system to read the contents of the temporary…

  • CVE-2017-15111 · Med · Jan 20, 2018
    risk 0.29 · cvss 5.5 · epss 0.00

    keycloak-httpd-client-install versions before 0.8 insecurely create a temporary file, allowing local attackers to overwrite other files via a symbolic link.

  • CVE-2026-41001 · Med · Jun 11, 2026
    risk 0.27 · cvss 5.3 · epss 0.00

    Spring Boot's ArtemisEmbeddedConfigurationFactory uses a fixed, static path for the embedded Artemis message broker's data directory when no explicit path is configured. A local attacker on the same host can pre-create this predictable directory or place a symlink before the…

  • CVE-2026-35342 · Low · Apr 22, 2026
    risk 0.14 · cvss 3.3 · epss 0.00

    The mktemp utility in uutils coreutils fails to properly handle an empty TMPDIR environment variable. Unlike GNU mktemp, which falls back to /tmp when TMPDIR is an empty string, the uutils implementation treats the empty string as a valid path. This causes temporary files to be…

  • CVE-2026-25645 · Mar 25, 2026
    risk 0.00 · cvss n/a · epss 0.00

    Requests is an HTTP library. Prior to version 2.33.0, the `requests.utils.extract_zipped_paths()` utility function uses a predictable filename when extracting files from zip archives into the system temporary directory. If the target file already exists, it is reused without…

  • CVE-2025-66625 · Dec 9, 2025
    risk 0.00 · cvss n/a · epss 0.00

    Umbraco is an ASP.NET CMS. Due to unsafe handling and deletion of temporary files in versions 10.0.0 through 13.12.0, during the dictionary upload process an attacker with access to the backoffice can trigger predictable requests to temporary file paths. The application’s…

  • CVE-2025-14307 · Dec 9, 2025
    risk 0.00 · cvss n/a · epss 0.00

    An insecure temporary file creation vulnerability exists in the AutoExtract component of Robocode version 1.9.3.6. The createTempFile method fails to securely create temporary files, allowing attackers to exploit race conditions and potentially execute arbitrary code or…

  • CVE-2025-7707 · Oct 13, 2025
    risk 0.00 · cvss n/a · epss 0.00

    The llama_index library version 0.12.33 sets the NLTK data directory to a subdirectory of the codebase by default, which is world-writable in multi-user environments. This configuration allows local users to overwrite, delete, or corrupt NLTK data files, leading to potential…

  • CVE-2024-22236 · Jan 31, 2024
    risk 0.00 · cvss n/a · epss 0.00

    In Spring Cloud Contract, versions 4.1.x prior to 4.1.1, versions 4.0.x prior to 4.0.5, and versions 3.1.x prior to 3.1.10, test execution is vulnerable to local information disclosure via temporary directory created with unsafe permissions through the shaded…

  • CVE-2023-43498 · Sep 20, 2023
    risk 0.00 · cvss n/a · epss 0.01

    In Jenkins 2.423 and earlier, LTS 2.414.1 and earlier, processing file uploads using MultipartFormDataParser creates temporary files in the default system temporary directory with the default permissions for newly created files, potentially allowing attackers with access to the…

  • CVE-2023-33695 · Jun 13, 2023
    risk 0.00 · cvss n/a · epss 0.00

    Hutool v5.8.17 and below was discovered to contain an information disclosure vulnerability via the File.createTempFile() function at /core/io/FileUtil.java.

  • CVE-2023-2800 · May 18, 2023
    risk 0.00 · cvss n/a · epss 0.00

    Insecure Temporary File in GitHub repository huggingface/transformers prior to 4.30.0.

  • CVE-2022-24913 · Jan 12, 2023
    risk 0.00 · cvss n/a · epss 0.00

    Versions of the package com.fasterxml.util:java-merge-sort before 1.1.0 are vulnerable to Insecure Temporary File in the StdTempFileProvider() function in StdTempFileProvider.java, which uses the permissive File.createTempFile() function, exposing temporary file contents.

  • CVE-2018-25068 · Jan 6, 2023
    risk 0.00 · cvss n/a · epss 0.01

    A vulnerability has been found in devent globalpom-utils up to 4.5.0 and classified as critical. This vulnerability affects the function createTmpDir of the file globalpomutils-fileresources/src/main/java/com/anrisoftware/globalpom/fileresourcemanager/FileResourceManagerProvider.…

  • CVE-2022-3952 · Nov 11, 2022
    risk 0.00 · cvss n/a · epss 0.01

    A vulnerability has been found in ManyDesigns Portofino 5.3.2 and classified as problematic. Affected by this vulnerability is the function createTempDir of the file WarFileLauncher.java. The manipulation leads to the creation of a temporary file in a directory with insecure…

  • CVE-2021-3702 · Aug 23, 2022
    risk 0.00 · cvss n/a · epss 0.00

    A race condition flaw was found in ansible-runner, where an attacker could watch for rapid creation and deletion of a temporary directory, substitute their directory at that name, and then have access to ansible-runner's private_data_dir the next time ansible-runner made use of…