CVE-2023-0481

Published: Feb 24, 2023

Modified: Mar 12, 2025

PUBLISHED

Description

In RestEasy Reactive implementation of Quarkus the insecure File.createTempFile() is used in the FileBodyHandler class which creates temp files with insecure permissions that could be read by a local user.

Vendor	Product	Versions
n/a	Quarkus	affected `Fixed in 2.16.1`

Weaknesses (CWE)

CWE-378

References

https://github.com/quarkusio/quarkus/pull/30694

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2023-0481

Description

Affected Products

Weaknesses (CWE)

References