VYPR

Maven package

com.netflix.priam/priam

pkg:maven/com.netflix.priam/priam

Vulnerabilities (1)

  • CVE-2021-28100Mar 23, 2021
    affected <= 3.1.104

    Priam uses File.createTempFile, which gives the permissions on that file -rw-r--r--. An attacker with read access to the local filesystem can read anything written there by the Priam process.