sosreport < 3.3 - Exposure of Sensitive Information via Weak Archive Permissions
sosreport 3.2 uses weak permissions for generated sosreport archives, which allows local users with access to /var/tmp/ to obtain sensitive information by reading the contents of the archive.