{"id":"CVE-2023-0482","details":"In RESTEasy the insecure File.createTempFile() is used in the DataSourceProvider, FileProvider and Mime4JWorkaround classes which creates temp files with insecure permissions that could be read by a local user.","aliases":["GHSA-2c6g-pfx3-w7h8"],"modified":"2026-04-10T04:53:53.753857Z","published":"2023-02-17T22:15:11.957Z","references":[{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20230427-0001/"},{"type":"FIX","url":"https://github.com/resteasy/resteasy/pull/3409/commits/807d7456f2137cde8ef7c316707211bf4e542d56"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/resteasy/resteasy","events":[{"introduced":"0"},{"last_affected":"2e4fc7767300e5d0bd145d91c68dc8e7b8e6fd9c"},{"introduced":"0"},{"last_affected":"62b8bffcf144ec885bf0b1111eaa07d67f4a5205"},{"introduced":"0"},{"last_affected":"8f2ce4ff528414fd7a7573d82f1cd8efc4a67efe"},{"introduced":"0"},{"last_affected":"9931764863bd25e152a025ccf466b7fd61c75242"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"3.15.4"},{"introduced":"0"},{"last_affected":"4.7.7"},{"introduced":"0"},{"last_affected":"5.0.5"},{"introduced":"0"},{"last_affected":"6.2.2"}]}}],"versions":["3.0-beta-1","3.0-beta-2","3.0-beta-3","3.0-beta-4","3.0-beta-5","3.0-beta-6","3.0-rc-1","3.0.0.Final","3.0.1.Final","3.0.10.Final","3.0.13.Final","3.0.14.Final","3.0.15.Final","3.0.16.Final","3.0.2","3.0.20.Final","3.0.21.Final","3.0.22.Final","3.0.23.Final","3.0.24.Final","3.0.4","3.0.5.Final","3.0.6.Final","3.0.7.Final","3.0.8.Final","3.0.9.Final","3.1.0.Beta1","3.1.0.Beta2","3.1.0.CR1","3.1.0.CR2","3.1.0.CR3","3.1.0.Final","3.1.1.Final","3.1.2.Final","3.1.3.Final","3.1.4.Final","3.10.0.Final","3.11.0.Final","3.12.0.Final","3.13.0.Final","3.15.0.Alpha1","3.15.2.Final","3.15.3.Final","3.15.4.Final","3.5.0.CR1","3.5.0.CR2","3.5.0.CR3","3.5.0.CR4","3.5.0.Final","3.5.1.Final","3.6.0.CR1","3.6.0.Final","3.6.1.Final","3.6.2.Final","3.6.3.Final","3.8.0.Final","4.0.0.Beta1","4.0.0.Beta2","4.0.0.Beta3","4.0.0.Beta4","4.0.0.Beta5","4.0.0.Beta6","4.0.0.Beta7","4.0.0.CR1","4.0.0.CR2","4.1.0.Final","4.2.0.Final","4.3.0.Final","4.4.0.CR1","4.4.0.Final","4.4.1.Final","4.4.2.Final","4.7.0.Beta1","4.7.0.Final","4.7.1.Final","4.7.2.Final","4.7.3.Final","4.7.4.Final","4.7.5.Final","4.7.6.Final","4.7.7.Final","5.0.0.Alpha1","5.0.0.Beta1","5.0.0.Beta2","5.0.0.Beta3","5.0.0.Final","5.0.1.Final","5.0.3.Final","5.0.4.Final","5.0.5.Final","6.0.0.Beta1","6.0.0.Final","6.1.0.Alpha1","6.1.0.Beta1","6.1.0.Beta2","6.1.0.Beta3","6.1.0.Final","6.2.0.Beta1","6.2.0.Final","6.2.1.Final","6.2.2.Final"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-0482.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}]}