CVE-2021-24031 is a vulnerability in Facebook Zstandard
Published on March 4, 2021
In the Zstandard command-line utility prior to v1.4.1, output files were created with default permissions. Correct file permissions (matching the input) would only be set at completion time. Output files could therefore be readable or writable to unintended parties.
Weakness Type
Insecure Inherited Permissions
A product defines a set of insecure permissions that are inherited by objects that are created by the program.
Products Associated with CVE-2021-24031
Want to know whenever a new CVE is published for Facebook Zstandard? stack.watch will email you.
Affected Versions
Facebook Zstandard:- Version 1.4.1 and below unspecified is unaffected.
- Version unspecified and below 1.4.1 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.