{"id":"MGASA-2021-0021","summary":"Updated guava packages fix security vulnerability","details":"A temp directory creation vulnerability exist in Guava versions prior to 30.0\nallowing an attacker with access to the machine to potentially access data in a\ntemporary directory created by the Guava\ncom.google.common.io.Files.createTempDir(). The permissions granted to the\ndirectory created default to the standard unix-like /tmp ones, leaving the\nfiles open (CVE-2020-8908).\n","modified":"2026-04-16T00:08:48.765043347Z","published":"2021-01-10T19:46:12Z","upstream":["CVE-2020-8908"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2021-0021.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=27965"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1906919"}],"affected":[{"package":{"name":"guava","ecosystem":"Mageia:7","purl":"pkg:rpm/mageia/guava?arch=source&distro=mageia-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"25.0-2.1.mga7"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2021-0021.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}