CVE-2022-24913 - Vulnerability Details - OpenCVE

Versions of the package com.fasterxml.util:java-merge-sort before 1.1.0 are vulnerable to Insecure Temporary File in the StdTempFileProvider() function in StdTempFileProvider.java, which uses the permissive File.createTempFile() function, exposing temporary file contents.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Java-merge-sort Project	Java-merge-sort

Configuration 1 [-]

cpe:2.3:a:java-merge-sort_project:java-merge-sort:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://github.com/cowtowncoder/java-merge-sort/commit/450fdee70b5f181c2afc5d817f293efa1a543902
https://github.com/cowtowncoder/java-merge-sort/pull/21
https://security.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLUTIL-3227926

History

Tue, 08 Apr 2025 18:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: snyk

Published: 2023-01-12T05:00:01.920Z

Updated: 2025-04-08T18:07:05.122Z

Reserved: 2022-02-24T11:58:23.976Z

Link: CVE-2022-24913

Vulnrichment

Updated: 2024-08-03T04:29:01.537Z

NVD

Status : Modified

Published: 2023-01-12T05:15:11.477

Modified: 2025-04-08T18:15:43.670

Link: CVE-2022-24913

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2022-24913", "assignerOrgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730", "state": "PUBLISHED", "assignerShortName": "snyk", "dateReserved": "2022-02-24T11:58:23.976Z", "datePublished": "2023-01-12T05:00:01.920Z", "dateUpdated": "2025-04-08T18:07:05.122Z"}, "containers": {"cna": {"metrics": [{"cvssV3_1": {"version": "3.1", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}}], "credits": [{"value": "Jonathan Leitschuh", "lang": "en"}], "problemTypes": [{"descriptions": [{"cweId": "CWE-377", "description": "Insecure Temporary File", "lang": "en"}]}], "providerMetadata": {"orgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730", "shortName": "snyk", "dateUpdated": "2023-01-12T05:00:01.920Z"}, "descriptions": [{"value": "Versions of the package com.fasterxml.util:java-merge-sort before 1.1.0 are vulnerable to Insecure Temporary File in the StdTempFileProvider() function in StdTempFileProvider.java, which uses the permissive File.createTempFile() function, exposing temporary file contents.", "lang": "en"}], "references": [{"url": "https://security.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLUTIL-3227926"}, {"url": "https://github.com/cowtowncoder/java-merge-sort/commit/450fdee70b5f181c2afc5d817f293efa1a543902"}, {"url": "https://github.com/cowtowncoder/java-merge-sort/pull/21"}], "affected": [{"product": "com.fasterxml.util:java-merge-sort", "versions": [{"version": "0", "lessThan": "1.1.0", "status": "affected", "versionType": "semver"}], "vendor": "n/a"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T04:29:01.537Z"}, "title": "CVE Program Container", "references": [{"url": "https://security.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLUTIL-3227926", "tags": ["x_transferred"]}, {"url": "https://github.com/cowtowncoder/java-merge-sort/commit/450fdee70b5f181c2afc5d817f293efa1a543902", "tags": ["x_transferred"]}, {"url": "https://github.com/cowtowncoder/java-merge-sort/pull/21", "tags": ["x_transferred"]}]}, {"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-668", "lang": "en", "description": "CWE-668 Exposure of Resource to Wrong Sphere"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-04-08T18:06:46.966178Z", "id": "CVE-2022-24913", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-08T18:07:05.122Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://security.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLUTIL-3227926", "tags": ["x_transferred"]}, {"url": "https://github.com/cowtowncoder/java-merge-sort/commit/450fdee70b5f181c2afc5d817f293efa1a543902", "tags": ["x_transferred"]}, {"url": "https://github.com/cowtowncoder/java-merge-sort/pull/21", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T04:29:01.537Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2022-24913", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-04-08T18:06:46.966178Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-668", "description": "CWE-668 Exposure of Resource to Wrong Sphere"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-08T18:07:00.641Z"}}], "cna": {"credits": [{"lang": "en", "value": "Jonathan Leitschuh"}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "n/a", "product": "com.fasterxml.util:java-merge-sort", "versions": [{"status": "affected", "version": "0", "lessThan": "1.1.0", "versionType": "semver"}]}], "references": [{"url": "https://security.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLUTIL-3227926"}, {"url": "https://github.com/cowtowncoder/java-merge-sort/commit/450fdee70b5f181c2afc5d817f293efa1a543902"}, {"url": "https://github.com/cowtowncoder/java-merge-sort/pull/21"}], "descriptions": [{"lang": "en", "value": "Versions of the package com.fasterxml.util:java-merge-sort before 1.1.0 are vulnerable to Insecure Temporary File in the StdTempFileProvider() function in StdTempFileProvider.java, which uses the permissive File.createTempFile() function, exposing temporary file contents."}], "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-377", "description": "Insecure Temporary File"}]}], "providerMetadata": {"orgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730", "shortName": "snyk", "dateUpdated": "2023-01-12T05:00:01.920Z"}}}, "cveMetadata": {"cveId": "CVE-2022-24913", "state": "PUBLISHED", "dateUpdated": "2025-04-08T18:07:05.122Z", "dateReserved": "2022-02-24T11:58:23.976Z", "assignerOrgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730", "datePublished": "2023-01-12T05:00:01.920Z", "assignerShortName": "snyk"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:java-merge-sort_project:java-merge-sort:*:*:*:*:*:*:*:*", "matchCriteriaId": "726966C2-7A04-4DE5-9929-E17C3417E816", "versionEndExcluding": "1.1.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Versions of the package com.fasterxml.util:java-merge-sort before 1.1.0 are vulnerable to Insecure Temporary File in the StdTempFileProvider() function in StdTempFileProvider.java, which uses the permissive File.createTempFile() function, exposing temporary file contents."}, {"lang": "es", "value": "Las versiones del paquete com.fasterxml.util:java-merge-sort anteriores a 1.1.0 son vulnerables a archivos temporales inseguros en la funci\u00f3n StdTempFileProvider() en StdTempFileProvider.java, que utiliza la funci\u00f3n permisiva File.createTempFile(), exponiendo el contenido de un archivo temporal."}], "id": "CVE-2022-24913", "lastModified": "2025-04-08T18:15:43.670", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "report@snyk.io", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-01-12T05:15:11.477", "references": [{"source": "report@snyk.io", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/cowtowncoder/java-merge-sort/commit/450fdee70b5f181c2afc5d817f293efa1a543902"}, {"source": "report@snyk.io", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/cowtowncoder/java-merge-sort/pull/21"}, {"source": "report@snyk.io", "tags": ["Third Party Advisory"], "url": "https://security.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLUTIL-3227926"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/cowtowncoder/java-merge-sort/commit/450fdee70b5f181c2afc5d817f293efa1a543902"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/cowtowncoder/java-merge-sort/pull/21"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://security.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLUTIL-3227926"}], "sourceIdentifier": "report@snyk.io", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-377"}], "source": "report@snyk.io", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-668"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-668"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}