VYPR

CWE-379

Creation of Temporary File in Directory with Insecure Permissions

Abstraction: Base | Status: Incomplete | Likelihood of Exploit: Low

Description

The product creates a temporary file in a directory whose permissions allow unintended actors to determine the file's existence or otherwise access that file.

On some operating systems, the existence of the temporary file is visible to any user with sufficient privileges to read that directory. Because the file is visible, the application that created it can often be inferred. An attacker who can also list the processes on the system learns what the user is doing at that moment; by correlating the temporary file with the applications the user is running, the attacker can reconstruct the user's actions. From this foothold, higher levels of security could be breached.

Hierarchy (View 1000)

Parents

Children

none

CVEs mapped to this weakness (28)

page 1 of 2
  • CVE-2025-27148 (High) Feb 25, 2025
    risk 0.57, cvss 8.8, epss 0.00

    Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. On Unix-like systems, the system temporary directory can be created with open permissions that allow multiple users to create and delete files within it. This library…

  • CVE-2016-9486 (High) Jul 13, 2018
    risk 0.51, cvss 7.8, epss 0.01

    On Windows endpoints, the SecureConnector agent must run under the local SYSTEM account or another administrator account in order to enable full functionality of the agent. The typical configuration is for the agent to run as a Windows service under the local SYSTEM account. The…

  • CVE-2025-32438 (High) Apr 15, 2025
    risk 0.50, cvss 8.8, epss 0.00

    make-initrd-ng is a tool for copying binaries and their dependencies. Local privilege escalation affecting all NixOS users. With systemd.shutdownRamfs.enable enabled (the default) a local user is able to create a program that will be executed by root during shutdown. Patches…

  • CVE-2024-7562 (High) Jun 12, 2025
    risk 0.47, cvss n/a, epss 0.00

    A potential elevated privilege issue has been reported with InstallShield built Standalone MSI setups having multiple InstallScript custom actions configured. All supported versions (InstallShield 2023 R2, InstallShield 2022 R2 and InstallShield 2021 R2) are affected by this…

  • CVE-2019-25677 (Medium) Apr 5, 2026
    risk 0.40, cvss 6.2, epss 0.00

    WinRAR 5.61 contains a denial of service vulnerability that allows local attackers to crash the application by placing a malformed winrar.lng language file in the installation directory. Attackers can trigger the crash by opening an archive and pressing the test button, causing…

  • CVE-2025-32802 (Medium) May 28, 2025
    risk 0.40, cvss 6.1, epss 0.00

    Kea configuration and API directives can be used to overwrite arbitrary files, subject to permissions granted to Kea. Many common configurations run Kea as root, leave the API entry points unsecured by default, and/or place the control sockets in insecure paths. This issue…

  • CVE-2013-1815 (Medium) Apr 10, 2013
    risk 0.40, cvss 6.1, epss 0.00

    A flaw was found in PackStack. This vulnerability allows a local user to modify deployed systems by changing the answer file, which is created in insecure directories such as /tmp or the current working directory. This insecure file creation could lead to unauthorized system…

  • CVE-2026-54328 (High) Jun 17, 2026
    risk 0.39, cvss n/a, epss 0.00

    Predictable temporary extension install paths allow local privilege escalation on shared Linux hosts. Pi versions with temporary npm or git extension package installs used predictable paths under the operating system temporary directory. On Linux-based multi-user systems, a…

  • CVE-2025-10279 (High) Feb 2, 2026
    risk 0.39, cvss 7.0, epss 0.00

    In mlflow version 2.20.3, the temporary directory used for creating Python virtual environments is assigned insecure world-writable permissions (0o777). This vulnerability allows an attacker with write access to the `/tmp` directory to exploit a race condition and overwrite…

  • CVE-2025-71176 (Medium) Jan 22, 2026
    risk 0.37, cvss 6.8, epss 0.00

    pytest through 9.0.2 on UNIX relies on directories with the /tmp/pytest-of-{user} name pattern, which allows local users to cause a denial of service or possibly gain privileges.

  • CVE-2026-42191 (Medium) May 12, 2026
    risk 0.35, cvss 6.5, epss 0.00

    OpenTelemetry.Exporter.OpenTelemetryProtocol is the OTLP (OpenTelemetry Protocol) exporter implementation. From 1.8.0 to 1.15.2, the OTLP disk retry feature in OpenTelemetry.Exporter.OpenTelemetryProtocol silently fell back to Path.GetTempPath() when…

  • CVE-2026-2817 (Medium) Feb 19, 2026
    risk 0.29, cvss 4.4, epss 0.00

    Use of insecure directory in Spring Data Geode snapshot import extracts archives into predictable, permissive directories under the system temp location. On shared hosts, a local user with basic privileges can access another user’s extracted snapshot contents, leading to…

  • CVE-2024-12911, Mar 20, 2025
    risk 0.00, cvss n/a, epss 0.00

    A vulnerability in the `default_jsonalyzer` function of the `JSONalyzeQueryEngine` in the run-llama/llama_index repository allows for SQL injection via prompt injection. This can lead to arbitrary file creation and Denial-of-Service (DoS) attacks. The vulnerability affects the…

  • CVE-2023-49797, Dec 9, 2023
    risk 0.00, cvss n/a, epss 0.00

    PyInstaller bundles a Python application and all its dependencies into a single package. A PyInstaller built application, elevated as a privileged process, may be tricked by an unprivileged attacker into deleting files the unprivileged user does not otherwise have access to. A…

  • CVE-2023-2976, Jun 14, 2023
    risk 0.00, cvss n/a, epss 0.00

    Use of Java's default temporary directory for file creation in `FileBackedOutputStream` in Google Guava versions 1.0 to 31.1 on Unix systems and Android Ice Cream Sandwich allows other users and apps on the machine with access to the default Java temporary directory to be able…

  • CVE-2022-24823, May 6, 2022
    risk 0.00, cvss n/a, epss 0.01

    Netty is an open-source, asynchronous event-driven network application framework. The package `io.netty:netty-codec-http` prior to version 4.1.77.Final contains an insufficient fix for CVE-2021-21290. When Netty's multipart decoders are used local information disclosure can…

  • CVE-2022-27772, Mar 30, 2022
    risk 0.00, cvss n/a, epss 0.01

    spring-boot versions prior to version v2.2.11.RELEASE were vulnerable to temporary directory hijacking. This vulnerability impacted the org.springframework.boot.web.server.AbstractConfigurableWebServerFactory.createTempDir method. NOTE: This vulnerability only affects products…

  • CVE-2021-21430, May 10, 2021
    risk 0.00, cvss n/a, epss 0.00

    OpenAPI Generator allows generation of API client libraries (SDK generation), server stubs, documentation and configuration automatically given an OpenAPI Spec. Using `File.createTempFile` in JDK will result in creating and using insecure temporary files that can leave…

  • CVE-2021-21428, May 10, 2021
    risk 0.00, cvss n/a, epss 0.00

    Openapi generator is a java tool which allows generation of API client libraries (SDK generation), server stubs, documentation and configuration automatically given an OpenAPI Spec. openapi-generator-online creates insecure temporary folders with File.createTempFile during the…

  • CVE-2021-31411, May 5, 2021
    risk 0.00, cvss n/a, epss 0.00

    Insecure temporary directory usage in frontend build functionality of com.vaadin:flow-server versions 2.0.9 through 2.5.2 (Vaadin 14.0.3 through Vaadin 14.5.2), 3.0 prior to 6.0 (Vaadin 15 prior to 19), and 6.0.0 through 6.0.5 (Vaadin 19.0.0 through 19.0.4) allows local users to…