Security Advisory

CVE-2022-24913

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-01-12 05:00:01

Last updated 2025-04-08 18:07:05

Assigner snyk

State PUBLISHED

Description

Versions of the package com.fasterxml.util:java-merge-sort before 1.1.0 are vulnerable to Insecure Temporary File in the StdTempFileProvider() function in StdTempFileProvider.java, which uses the permissive File.createTempFile() function, exposing temporary file contents.

← Browse all CVEs View on cve.org ↗