CVE-2021-24032 is a vulnerability in Facebook Zstandard
Published on March 4, 2021
Beginning in v1.4.1 and prior to v1.4.9, due to an incomplete fix for CVE-2021-24031, the Zstandard command-line utility created output files with default permissions and restricted those permissions immediately afterwards. Output files could therefore momentarily be readable or writable to unintended parties.
Weakness Type
Insecure Inherited Permissions
A product defines a set of insecure permissions that are inherited by objects that are created by the program.
Products Associated with CVE-2021-24032
Want to know whenever a new CVE is published for Facebook Zstandard? stack.watch will email you.
Affected Versions
Facebook Zstandard:- Version 1.4.9 and below unspecified is unaffected.
- Version 1.4.1 and below unspecified is affected.
- Version unspecified and below 1.4.1 is unaffected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.