{"id":"MGASA-2020-0403","summary":"Updated junit packages fix a security vulnerability","details":"It was discovered that junit contained a local information disclosure\nvulnerability. On Unix like systems, the system's temporary directory is\nshared between all users on that system. Because of this, when files and\ndirectories are written into this directory they are, by default, readable by\nother users on that same system. This vulnerability does not allow other users\nto overwrite the contents of these directories or files. This is purely an\ninformation disclosure vulnerability (CVE-2020-15250).\n","modified":"2026-04-16T04:43:17.633475205Z","published":"2020-11-08T14:14:27Z","upstream":["CVE-2020-15250"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2020-0403.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=27555"},{"type":"WEB","url":"https://www.debian.org/lts/security/2020/dla-2426"},{"type":"ADVISORY","url":"https://github.com/junit-team/junit4/security/advisories/GHSA-269g-pwp5-87pp"}],"affected":[{"package":{"name":"junit","ecosystem":"Mageia:7","purl":"pkg:rpm/mageia/junit?arch=source&distro=mageia-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.12-7.1.mga7"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2020-0403.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}