{"id":"CVE-2024-51127","details":"An issue in the createTempFile method of hornetq v2.4.9 allows attackers to arbitrarily overwrite files or access sensitive information.","aliases":["GHSA-r7mv-mv7m-pjw3"],"modified":"2026-03-09T23:50:41.937358Z","published":"2024-11-04T18:15:05.113Z","references":[{"type":"WEB","url":"http://hornetq.com"},{"type":"EVIDENCE","url":"https://github.com/JAckLosingHeart/CWE-378/blob/main/CVE-2024-51127.md"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/hornetq/hornetq","events":[{"introduced":"0"},{"last_affected":"0daa21b9b5dec389ab1e61ff97a76790e4ce9367"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"2.4.9"}]}}],"versions":["HornetQ_2_3_0_Alpha","HornetQ_2_3_0_Beta1","HornetQ_2_3_0_Beta2","HornetQ_2_3_0_Beta3","HornetQ_2_3_0_CR1","HornetQ_2_3_0_CR2","HornetQ_2_3_0_FINAL","HornetQ_2_4_0_Alpha1","HornetQ_2_4_0_Beta1","HornetQ_2_4_0_Beta2","HornetQ_2_4_0_Beta3","HornetQ_2_4_0_Final","HornetQ_2_4_1_Final","HornetQ_2_4_2_Final","HornetQ_2_4_3_Final","HornetQ_2_4_4_Final","HornetQ_2_4_5_Final","HornetQ_2_4_6_Final","HornetQ_2_4_7_Final","HornetQ_2_4_8_Final","HornetQ_2_4_9_Final"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-51127.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"}]}