CWE-377

Insecure Temporary File

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

Creating and using insecure temporary files can leave application and system data vulnerable to attack.

93 vulnerabilities with CWE-377
CVE-2024-49506 HIGH
System <non-default config> - DoS/Info Disclosure
CVE-2024-10372 MEDIUM
chidiwilliams buzz <1.1.0 - Info Disclosure
CVSS 4.5
CVE-2024-6654 MEDIUM
ESET Cyber Security and Endpoint Security for macOS - Denial of Service via Insecure Temporary File
CVE-2024-34490 MEDIUM
Maxima < 5.47.0 - Insecure Temporary File via Predictable /tmp Filenames
CVSS 5.1
CVE-2024-2313 LOW
bpftrace < 0.20.2 - Insecure Temporary File Handling in Kernel Header Extraction
CVSS 2.8
CVE-2024-23287 MEDIUM
iPadOS < 17.4 - Unprotected User Data Exposure via Temporary File Handling
CVSS 5.5
CVE-2024-22236 LOW
Spring Cloud Contract <4.1.1, <4.0.5, <3.1.10 - Info Disclosure
CVSS 3.3
CVE-2023-49347 MEDIUM
Budgie Extras Windows Previews - Info Disclosure
CVSS 6.0
CVE-2023-49346 MEDIUM
Budgie Extras WeatherShow - Info Disclosure
CVSS 6.0
CVE-2023-49345 MEDIUM
Budgie Extras Takeabreak - Info Disclosure
CVSS 6.0
CVE-2023-49344 MEDIUM
Budgie Extras Window Shuffler - Info Disclosure
CVSS 6.0
CVE-2023-49342 MEDIUM
Budgie Extras Clockworks - Info Disclosure
CVSS 6.0
CVE-2023-43498 HIGH
Jenkins <2.423-2.414.1 - Info Disclosure
CVSS 8.1
CVE-2023-2800 MEDIUM
huggingface/transformers <4.30.0 - Info Disclosure
CVSS 4.7
CVE-2022-34387 MEDIUM
Dell SupportAssist < 3.11.4 (Home) / < 3.2.0 (Business) - Privilege Escalation via Insecure Temporary File
CVSS 6.4
CVE-2022-24913 MEDIUM
java-merge-sort < 1.1.0 - Insecure Temporary File via StdTempFileProvider
CVSS 5.5
CVE-2022-4817 LOW
centic9 jgit-cookbook - Insecure Temp File
CVSS 3.1
CVE-2022-26386 MEDIUM
Firefox ESR < 91.7 - Info Disclosure
CVSS 6.5
CVE-2022-4641 LOW
pig-vector - Insecure Temporary File in LogisticRegression Function
CVSS 2.5
CVE-2022-41954 LOW
mpxj < 10.14.1 - Insecure Temporary File Permissions on Unix-like Systems
CVSS 3.3
CVE-2022-41946 MEDIUM
PostgreSQL JDBC Driver 42.2.0-42.2.27 - Insecure Temporary File Creation via InputStream Handling
CVSS 4.7
CVE-2022-3969 LOW
OpenKM <6.3.11 - Insecure Temp File
CVSS 2.6
CVE-2022-3952 LOW
ManyDesigns Portofino < 5.3.3 - Insecure Temporary File Permissions in WarFileLauncher.java
CVSS 2.6
CVE-2022-35631 MEDIUM
Velociraptor <0.6.5.2 - Symlink Attack
CVSS 5.5
CVE-2022-21809 HIGH
InHand Networks InRouter302 V3.5.4 - File Write
CVSS 8.1
Details
Vulnerabilities 93
Links
MITRE CWE Entry Search this CWE With Exploits