Hollow
1 CVEs
product
Monthly
In Netflix OSS Hollow, since the Files.exists(parent) is run before creating the directories, an attacker can pre-create these directories with wide permissions. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.
Information Disclosure
Hollow
NVD
GitHub
CVSS 3.1
4.4
EPSS
0.2%
CVE-2021-28099
Maven
EPSS 0%
CVSS 4.4
MEDIUM
This Month
In Netflix OSS Hollow, since the Files.exists(parent) is run before creating the directories, an attacker can pre-create these directories with wide permissions. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.
Information Disclosure
Hollow
NVD
GitHub