Exposure of Resource to Wrong Sphere
In RestEasy Reactive implementation of Quarkus the insecure "File.createTempFile()" is used in the "FileBodyHandler" class which creates temp files with insecure permissions that could be read by a local user. The vulnerable versions are prior to 2.16.1.Final and 3.0.0.x prior to 3.0.0.Alpha4.
CWE-668 - Exposure of Resource to Wrong Sphere
The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.