{"vulnerability": "CVE-2022-21126", "sightings": [{"uuid": "00cd9159-a5a3-4a15-a9f9-dfbfaefba1c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21126", "type": "seen", "source": "https://t.me/cibsecurity/53663", "content": "\u203c CVE-2022-21126 \u203c\n\nThe package com.github.samtools:htsjdk before 3.0.1 are vulnerable to Creation of Temporary File in Directory with Insecure Permissions due to the createTempDir() function in util/IOUtil.java not checking for the existence of the temporary directory before attempting to create it.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-29T20:28:57.000000Z"}, {"uuid": "59842a8d-7bcb-48c9-ad94-f0848020954b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21126", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/13318", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-21126\n\ud83d\udd25 CVSS Score: 7.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\ud83d\udd39 Description: The package com.github.samtools:htsjdk before 3.0.1 are vulnerable to Creation of Temporary File in Directory with Insecure Permissions due to the createTempDir() function in util/IOUtil.java not checking for the existence of the temporary directory before attempting to create it.\n\ud83d\udccf Published: 2022-11-29T16:50:19.233Z\n\ud83d\udccf Modified: 2025-04-24T18:34:51.291Z\n\ud83d\udd17 References:\n1. https://security.snyk.io/vuln/SNYK-JAVA-COMGITHUBSAMTOOLS-3149901\n2. https://github.com/samtools/htsjdk/commit/4a4024a97ee3e87096df6ad9b22c8260bd527772\n3. https://github.com/samtools/htsjdk/pull/1617", "creation_timestamp": "2025-04-24T19:06:48.000000Z"}]}