VYPR

Maven package

org.glassfish.jersey.core/jersey-common

pkg:maven/org.glassfish.jersey.core/jersey-common

Vulnerabilities (1)

  • CVE-2021-28168Apr 22, 2021
    affected >= 2.28, < 2.34fixed 2.34

    Eclipse Jersey 2.28 to 2.33 and Eclipse Jersey 3.0.0 to 3.0.1 contains a local information disclosure vulnerability. This is due to the use of the File.createTempFile which creates a file inside of the system temporary directory with the permissions: -rw-r--r--. Thus the contents