31Oca
CVE-2024-22236 | Spring Cloud Contract up to 3.1.9/4.0.4/4.1.0 Guava temp file
A vulnerability was found in Spring Cloud Contract up to 3.1.9/4.0.4/4.1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Guava Handler. The manipulation leads to creation of temporary file in directory with insecure permissions. This vulnerability is known as CVE-2024-22236. Local access is required to approach this attack. There is no exploit available. It is recommended to upgrade the affected component.