RSS   Podatności dla 'Hollow'   RSS

2021-03-23
 
CVE-2021-28099

NVD-CWE-noinfo
 

 
In Netflix OSS Hollow, since the Files.exists(parent) is run before creating the directories, an attacker can pre-create these directories with wide permissions. Additionally, since an insecure source of randomness is used, the file names to be created can be deterministically calculated.

 

 >>> Vendor: Netflix 6 Produkty
Security monkey
Titus
Dispatch
Chaos monkey
Hollow
Priam


Copyright 2024, cxsecurity.com

 

Back to Top