Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact
0.001
EPSS

CVE-2021-28168

CVSSv4: NA | CVSSv3: 5.5 | CVSSv2: 2.1 | VMScore: 650 | EPSS: 0.00158 | KEV: Not Included
Published: 22/04/2021 Updated: 21/11/2024

Vulnerability Summary

Eclipse Jersey 2.28 to 2.33 and Eclipse Jersey 3.0.0 to 3.0.1 contains a local information disclosure vulnerability. This is due to the use of the File.createTempFile which creates a file inside of the system temporary directory with the permissions: -rw-r--r--. Thus the contents of this file are viewable by all other users locally on the system. As such, if the contents written is security sensitive, it can be disclosed to other local users.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

the eclipse foundation eclipse jersey

eclipse jersey

oracle communications cloud native core policy 1.15.0

oracle communications cloud native core unified data repository 1.15.0

Vendor Advisories

Red Hat: Moderate: Red Hat Integration Camel Extensions for Quarkus 2.2.1 security update
Synopsis Moderate: Red Hat Integration Camel Extensions for Quarkus 221 security update Type/Severity Security Advisory: Moderate Topic A security update to Red Hat Integration Camel Extensions for Quarkus 22 is now available The purpose of this text-only errata is to inform you about the security issues fixedRed Hat Product Security has ...
Red Hat: Important: Red Hat Integration Camel-K 1.6.4 release and security update
Synopsis Important: Red Hat Integration Camel-K 164 release and security update Type/Severity Security Advisory: Important Topic A micro version update (from 163 to 164) is now available for Red Hat Integration Camel K that includes bug fixes and enhancements The purpose of this text-only errata is to inform you about the security issu ...
Red Hat: CVE-2021-28168
Eclipse Jersey 228 to 233 and Eclipse Jersey 300 to 301 contains a local information disclosure vulnerability This is due to the use of the FilecreateTempFile which creates a file inside of the system temporary directory with the permissions: -rw-r--r-- Thus the contents of this file are viewable by all other users locally on the system A ...
Hitachi Security Advisories: Multiple Vulnerabilities in Hitachi Ops Center Analyzer, Hitachi Ops Center Analyzer viewpoint and Hitachi Ops Center Viewpoint
Hitachi Ops Center Analyzer contain the following vulnerabilities: CVE-2021-28168, CVE-2022-25647 Hitachi Ops Center Analyzer viewpoint and Hitachi Ops Center Viewpoint contain the following vulnerabilities: CVE-2022-0778, CVE-2022-1552, CVE-2022-25647 Affected products and versions are listed below Please upgrade your version to the app ...

References

CWE-378CWE-379CWE-668https://nvd.nist.govhttps://access.redhat.com/errata/RHSA-2022:1013https://www.first.org/epsshttps://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2022-126/index.htmlhttps://github.com/eclipse-ee4j/jersey/pull/4712https://github.com/eclipse-ee4j/jersey/security/advisories/GHSA-c43q-5hpj-4crvhttps://lists.apache.org/thread.html/r2721aba31a8562639c4b937150897e24f78f747cdbda8641c0f659fe%40%3Cusers.kafka.apache.org%3Ehttps://lists.apache.org/thread.html/r280438f7cb4b3b1c9dfda9d7b05fa2a5cfab68618c6afee8169ecdaa%40%3Ccommits.kafka.apache.org%3Ehttps://lists.apache.org/thread.html/r305fb82e5c005143c1e2ec986a19c0a44f42189ab2580344dc955359%40%3Cdev.kafka.apache.org%3Ehttps://lists.apache.org/thread.html/r4066176a7352e021d7a81af460044bde8d57f40e98f8e4a31923af3a%40%3Cjira.kafka.apache.org%3Ehttps://lists.apache.org/thread.html/r42fef440487a04cf5e487a9707ef5119d2dd5b809919f25ef4296fc4%40%3Cjira.kafka.apache.org%3Ehttps://lists.apache.org/thread.html/r454f38e85db149869c5a92c993c402260a4f8599bf283f6cfaada972%40%3Cjira.kafka.apache.org%3Ehttps://lists.apache.org/thread.html/r6dadc8fe82071aba841d673ffadf34728bff4357796b1990a66e3af1%40%3Ccommits.kafka.apache.org%3Ehttps://lists.apache.org/thread.html/r96658b899fcdbf04947257d201dc5a0abdbb5fb0a8f4ec0a6c15e70f%40%3Cjira.kafka.apache.org%3Ehttps://lists.apache.org/thread.html/ra2722171d569370a9e15147d9f3f6138ad9a188ee879c0156aa2d73a%40%3Cjira.kafka.apache.org%3Ehttps://lists.apache.org/thread.html/ra3290fe51b4546fac195724c4187c4cb7fc5809bc596c2f7e97606f4%40%3Cjira.kafka.apache.org%3Ehttps://lists.apache.org/thread.html/ra3d7cd37fc794981a885332af2f8df0d873753380ea19935d6d847fc%40%3Cdev.kafka.apache.org%3Ehttps://lists.apache.org/thread.html/rafc3c4cee534f478cbf8acf91e48373e291a21151f030e8132662a7b%40%3Cjira.kafka.apache.org%3Ehttps://lists.apache.org/thread.html/rc288874c330b3af9e29a1a114c5e0d24fff7a79eaa341f551535c8c0%40%3Cjira.kafka.apache.org%3Ehttps://lists.apache.org/thread.html/rc6221670de35b819fe191e7d8f2d17bc000549bd554020cec644b71e%40%3Cjira.kafka.apache.org%3Ehttps://lists.apache.org/thread.html/rd54b42edccc1b993853a9c4943a9b16db763f5e2febf6e64b7d0fe3c%40%3Cjira.kafka.apache.org%3Ehttps://lists.apache.org/thread.html/rdff6939e6c8dd620e20b013d9a35f57d42b3cd19e1d0483d85dfa2fd%40%3Cjira.kafka.apache.org%3Ehttps://www.oracle.com/security-alerts/cpuapr2022.htmlhttps://github.com/eclipse-ee4j/jersey/pull/4712https://github.com/eclipse-ee4j/jersey/security/advisories/GHSA-c43q-5hpj-4crvhttps://lists.apache.org/thread.html/r2721aba31a8562639c4b937150897e24f78f747cdbda8641c0f659fe%40%3Cusers.kafka.apache.org%3Ehttps://lists.apache.org/thread.html/r280438f7cb4b3b1c9dfda9d7b05fa2a5cfab68618c6afee8169ecdaa%40%3Ccommits.kafka.apache.org%3Ehttps://lists.apache.org/thread.html/r305fb82e5c005143c1e2ec986a19c0a44f42189ab2580344dc955359%40%3Cdev.kafka.apache.org%3Ehttps://lists.apache.org/thread.html/r4066176a7352e021d7a81af460044bde8d57f40e98f8e4a31923af3a%40%3Cjira.kafka.apache.org%3Ehttps://lists.apache.org/thread.html/r42fef440487a04cf5e487a9707ef5119d2dd5b809919f25ef4296fc4%40%3Cjira.kafka.apache.org%3Ehttps://lists.apache.org/thread.html/r454f38e85db149869c5a92c993c402260a4f8599bf283f6cfaada972%40%3Cjira.kafka.apache.org%3Ehttps://lists.apache.org/thread.html/r6dadc8fe82071aba841d673ffadf34728bff4357796b1990a66e3af1%40%3Ccommits.kafka.apache.org%3Ehttps://lists.apache.org/thread.html/r96658b899fcdbf04947257d201dc5a0abdbb5fb0a8f4ec0a6c15e70f%40%3Cjira.kafka.apache.org%3Ehttps://lists.apache.org/thread.html/ra2722171d569370a9e15147d9f3f6138ad9a188ee879c0156aa2d73a%40%3Cjira.kafka.apache.org%3Ehttps://lists.apache.org/thread.html/ra3290fe51b4546fac195724c4187c4cb7fc5809bc596c2f7e97606f4%40%3Cjira.kafka.apache.org%3Ehttps://lists.apache.org/thread.html/ra3d7cd37fc794981a885332af2f8df0d873753380ea19935d6d847fc%40%3Cdev.kafka.apache.org%3Ehttps://lists.apache.org/thread.html/rafc3c4cee534f478cbf8acf91e48373e291a21151f030e8132662a7b%40%3Cjira.kafka.apache.org%3Ehttps://lists.apache.org/thread.html/rc288874c330b3af9e29a1a114c5e0d24fff7a79eaa341f551535c8c0%40%3Cjira.kafka.apache.org%3Ehttps://lists.apache.org/thread.html/rc6221670de35b819fe191e7d8f2d17bc000549bd554020cec644b71e%40%3Cjira.kafka.apache.org%3Ehttps://lists.apache.org/thread.html/rd54b42edccc1b993853a9c4943a9b16db763f5e2febf6e64b7d0fe3c%40%3Cjira.kafka.apache.org%3Ehttps://lists.apache.org/thread.html/rdff6939e6c8dd620e20b013d9a35f57d42b3cd19e1d0483d85dfa2fd%40%3Cjira.kafka.apache.org%3Ehttps://www.oracle.com/security-alerts/cpuapr2022.html
Preferred Score:
EPSS
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
CVE-2025-4278updatenavifujitsu client computing limitedCVE-2025-32465CVE-2025-49184ibmCVE-2025-4275file uploadCVE-2025-33073sick agfile inclusionCVE-2025-26383unspecified
Home
/
Search Results
/
CVE-2021-28168
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook