VYPR

CWE-378

Creation of Temporary File With Insecure Permissions

Abstraction: Base | Status: Draft | Likelihood of exploit: High

Description

Opening temporary files without appropriate measures or controls can leave the file, its contents and any function that it impacts vulnerable to attack.
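Added example, not code from this page or from any of the projects listed below: the CWE-378 pattern that several of these entries describe (predictable name under the system temp directory, no exclusive create, permissions relaxed to 0o777 or 0o644), in Python, next to the safe form and a small audit function a reviewer can run over a path. It assumes a POSIX system (mode bits are not meaningful on Windows); the sandbox directory, the function names and the sample secret string are assumptions made for the demo.

```python
"""Insecure vs. safe temporary-file creation on POSIX, plus an audit check (added example)."""
import os
import shutil
import stat
import tempfile

# Assumption for the demo: keep the deliberately bad pattern inside a private 0700
# directory so running this never exposes the real system temp dir to other users.
_SANDBOX = tempfile.mkdtemp(prefix="cwe378-demo-")   # mkdtemp creates with mode 0700


def insecure_tmp(base=_SANDBOX):
    """The CWE-378 pattern: predictable path, accepts a pre-existing entry, permissive modes."""
    d = os.path.join(base, "app_cache")          # predictable, shared name
    # exist_ok=True means a directory (or symlink) planted here by another local user
    # is silently accepted; there is no exclusive create and no ownership check.
    os.makedirs(d, mode=0o777, exist_ok=True)    # requested mode is filtered by umask ...
    os.chmod(d, 0o777)                           # ... so the code forces world-writable anyway
    f = os.path.join(d, "session.jsonl")
    with open(f, "w") as fh:                     # follows symlinks; 0666 & ~umask
        fh.write("secret-token=abc123\n")        # constructed sample secret
    os.chmod(f, 0o644)                           # relaxed "so a helper can read it": world-readable
    return d, f


def secure_tmp(base=_SANDBOX):
    """Fix: random name, O_CREAT|O_EXCL at creation, owner-only mode set atomically."""
    d = tempfile.mkdtemp(prefix="app_cache-", dir=base)                  # 0700, random suffix
    fd, f = tempfile.mkstemp(prefix="session-", suffix=".jsonl", dir=d)  # 0600, O_EXCL
    with os.fdopen(fd, "w") as fh:               # write through the fd we created, not a re-opened path
        fh.write("secret-token=abc123\n")
    return d, f


def audit(path):
    """Return the findings a reviewer would flag for a path that holds private data."""
    st = os.lstat(path)                          # lstat: do not follow a planted symlink
    mode = stat.S_IMODE(st.st_mode)
    findings = []
    if stat.S_ISLNK(st.st_mode):
        findings.append("is a symlink (symlink-following attack surface)")
    if mode & stat.S_IWOTH:
        findings.append(f"world-writable ({oct(mode)})")
    if mode & (stat.S_IRGRP | stat.S_IROTH):
        findings.append(f"readable by group/others ({oct(mode)})")
    if st.st_uid != os.getuid():
        findings.append("not owned by the current user")
    return findings


def cleanup():
    """Remove the demo sandbox."""
    shutil.rmtree(_SANDBOX, ignore_errors=True)


if __name__ == "__main__":
    for label, fn in (("insecure", insecure_tmp), ("secure", secure_tmp)):
        d, f = fn()
        print(label, "dir:", audit(d) or "ok")
        print(label, "file:", audit(f) or "ok")
    cleanup()
```

insecure_tmp() combines the three mistakes that recur in the entries below: a predictable name under the temp directory, a create that tolerates a pre-existing entry, and a mode deliberately relaxed to 0o777 or world-readable (the mlflow and foxmarks entries). secure_tmp() relies on tempfile.mkdtemp and tempfile.mkstemp, which pick a random suffix and create with 0700/0600 and O_EXCL, so a pre-planted directory, file or symlink makes the call fail instead of being reused. The Java entries (RESTEasy, Quarkus, Netty, OpenAPI Generator) are the same mistake through java.io.File.createTempFile, whose mode comes from the process umask; java.nio.file.Files.createTempFile creates the file owner-only on POSIX.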

Hierarchy (View 1000)

Parents

Children

none

CVEs mapped to this weakness (30)

page 1 of 2
  • CVE-2025-27148 (High, Feb 25, 2025)
    risk 0.57, cvss 8.8, epss 0.00

    Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. On Unix-like systems, the system temporary directory can be created with open permissions that allow multiple users to create and delete files within it. This library…

  • CVE-2025-34352 (High, Dec 2, 2025)
    risk 0.55, cvss n/a, epss 0.00

    JumpCloud Remote Assist for Windows versions prior to 0.317.0 include an uninstaller that is invoked by the JumpCloud Windows Agent as NT AUTHORITY\SYSTEM during agent uninstall or update operations. The Remote Assist uninstaller performs privileged create, write, execute, and…

  • CVE-2024-7358 (High, Aug 1, 2024)
    risk 0.51, cvss 7.8, epss 0.00

    A vulnerability was found in Point B Ltd Getscreen Agent 2.19.6 on Windows. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file getscreen.msi of the component Installation. The manipulation leads to creation of temporary file…

  • CVE-2016-9485 (High, Jul 13, 2018)
    risk 0.51, cvss 7.8, epss 0.01

    On Windows endpoints, the SecureConnector agent must run under the local SYSTEM account or another administrator account in order to enable full functionality of the agent. The typical configuration is for the agent to run as a Windows service under the local SYSTEM account. The…

  • CVE-2025-32438 (High, Apr 15, 2025)
    risk 0.50, cvss 8.8, epss 0.00

    make-initrd-ng is a tool for copying binaries and their dependencies. Local privilege escalation affecting all NixOS users. With systemd.shutdownRamfs.enable enabled (the default) a local user is able to create a program that will be executed by root during shutdown. Patches…

  • CVE-2026-33572 (High, Mar 29, 2026)
    risk 0.48, cvss 8.4, epss 0.00

    OpenClaw before 2026.2.17 creates session transcript JSONL files with overly broad default permissions, allowing local users to read transcript contents. Attackers with local access can read transcript files to extract sensitive information including secrets from tool output.

  • CVE-2026-4822 (High, Mar 25, 2026)
    risk 0.46, cvss 7.0, epss 0.00

    A vulnerability was detected in Enter Software Iperius Backup up to 8.7.3. Affected is an unknown function of the file C:\ProgramData\IperiusBackup\Jobs\ of the component Backup Service. Performing a manipulation results in creation of temporary file with insecure permissions.…

  • CVE-2026-4137 (High, May 18, 2026)
    risk 0.44, cvss 7.8, epss 0.00

    In mlflow/mlflow versions prior to 3.11.0, the `get_or_create_nfs_tmp_dir()` function in `mlflow/utils/file_utils.py` creates temporary directories with world-writable permissions (0o777), and the `_create_model_downloading_tmp_dir()` function in `mlflow/pyfunc/__init__.py`…

  • CVE-2025-55629 (Medium, Aug 22, 2025)
    risk 0.42, cvss 6.5, epss 0.00

    Insecure permissions in Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime - firmware v3.0.0.4662_2503122283 allow attackers to arbitrarily change other users' passwords via manipulation of the userName value.

  • CVE-2025-4953 (High, Sep 16, 2025)
    risk 0.41, cvss 7.4, epss 0.01

    A flaw was found in Podman. In a Containerfile or Podman, data written to RUN --mount=type=bind mounts during the podman build is not discarded. This issue can lead to files created within the container appearing in the temporary build context directory on the host, leaving the…

  • CVE-2025-7647 (High, Sep 27, 2025)
    risk 0.40, cvss 7.3, epss 0.00

    The llama-index-core package, up to version 0.12.44, contains a vulnerability in the `get_cache_dir()` function where a predictable, hardcoded directory path `/tmp/llama_index` is used on Linux systems without proper security controls. This vulnerability allows attackers on…

  • CVE-2023-26603 (Medium, Apr 26, 2024)
    risk 0.38, cvss 5.9, epss 0.00

    JumpCloud Agent before 1.178.0 Creates a Temporary File in a Directory with Insecure Permissions. This allows privilege escalation to SYSTEM via a repair action in the installer.

  • CVE-2026-2817 (Medium, Feb 19, 2026)
    risk 0.29, cvss 4.4, epss 0.00

    Use of insecure directory in Spring Data Geode snapshot import extracts archives into predictable, permissive directories under the system temp location. On shared hosts, a local user with basic privileges can access another user’s extracted snapshot contents, leading to…

  • CVE-2025-9474 (Medium, Aug 26, 2025)
    risk 0.29, cvss 4.5, epss 0.00

    A vulnerability was detected in Mihomo Party up to 1.8.1 on macOS. Affected is the function enableSysProxy of the file src/main/sys/sysproxy.ts of the component Socket Handler. The manipulation results in creation of temporary file with insecure permissions. The attack requires…

  • CVE-2024-47884 (Low, Oct 11, 2024)
    risk 0.09, cvss n/a, epss 0.00

    foxmarks is a CLI read-only interface for Firefox's bookmarks and history. A temporary file was created under the /tmp directory with read permissions for all users containing a copy of Firefox's database of bookmarks, history, input history, visits counter, use counter, view…

  • CVE-2024-23454 (severity not listed, Sep 25, 2024)
    risk 0.00, cvss n/a, epss 0.00

    Apache Hadoop’s RunJar.run() does not set permissions for temporary directory by default. If sensitive data will be present in this file, all the other local users may be able to view the content. This is because, on unix-like systems, the system temporary directory is…

  • CVE-2023-0481 (severity not listed, Feb 24, 2023)
    risk 0.00, cvss n/a, epss 0.00

    In RestEasy Reactive implementation of Quarkus the insecure File.createTempFile() is used in the FileBodyHandler class which creates temp files with insecure permissions that could be read by a local user.

  • CVE-2023-0482 (severity not listed, Feb 17, 2023)
    risk 0.00, cvss n/a, epss 0.01

    In RESTEasy the insecure File.createTempFile() is used in the DataSourceProvider, FileProvider and Mime4JWorkaround classes which creates temp files with insecure permissions that could be read by a local user.

  • CVE-2022-24823 (severity not listed, May 6, 2022)
    risk 0.00, cvss n/a, epss 0.01

    Netty is an open-source, asynchronous event-driven network application framework. The package `io.netty:netty-codec-http` prior to version 4.1.77.Final contains an insufficient fix for CVE-2021-21290. When Netty's multipart decoders are used local information disclosure can…

  • CVE-2021-21430 (severity not listed, May 10, 2021)
    risk 0.00, cvss n/a, epss 0.00

    OpenAPI Generator allows generation of API client libraries (SDK generation), server stubs, documentation and configuration automatically given an OpenAPI Spec. Using `File.createTempFile` in JDK will result in creating and using insecure temporary files that can leave…