CVE-2022-21126

HIGH Year: 2022
CVSS v3 Score
7.8
High
Weakness Type
CWE-668
View all →

Vulnerability Description

The package com.github.samtools:htsjdk before 3.0.1 are vulnerable to Creation of Temporary File in Directory with Insecure Permissions due to the createTempDir() function in util/IOUtil.java not checking for the existence of the temporary directory before attempting to create it.

Related Vulnerabilities

CVE-2014-0023

HIGH
CVSS:7.8(High)

OpenShift: Install script has temporary file creation vulnerability which can result in arbitrary code execution

CWE-6682014

CVE-2017-8185

HIGH
CVSS:7.8(High)

ME906s-158 earlier than ME906S_Installer_13.1805.10.3 versions has a privilege elevation vulnerability. An attacker could exploit this vulnerability to modify the configuration information containing ...

CWE-6682017

CVE-2018-10361

HIGH
CVSS:7.8(High)

An issue was discovered in KTextEditor 5.34.0 through 5.45.0. Insecure handling of temporary files in the KTextEditor's kauth_ktexteditor_helper service (as utilized in the Kate text editor) can allow...

CWE-6682018

CVE-2018-15591

HIGH
CVSS:7.8(High)

An issue was discovered in Ivanti Workspace Control before 10.3.10.0 and RES One Workspace. A local authenticated user can bypass Application Whitelisting restrictions to execute arbitrary code by lev...

CWE-6682018

CVE-2019-15341

HIGH
CVSS:7.8(High)

The Tecno Camon iAir 2 Plus Android device with a build fingerprint of TECNO/H622/TECNO-ID3k:8.1.0/O11019/E-180914V83:user/release-keys contains a pre-installed platform app with a package name of com...

CWE-6682019

CVE-2019-15345

HIGH
CVSS:7.8(High)

The Tecno Camon iClick Android device with a build fingerprint of TECNO/H633/TECNO-IN6:8.1.0/O11019/A-180409V96:user/release-keys contains a pre-installed platform app with a package name of com.lovel...

CWE-6682019