Harald Dunkel

**Name of the Vulnerable Software and Affected Versions** Zstandard command-line utility versions prior to 1.4.1 **Description** The issue is related to the default file permissions used by the Zstandard command-line utility. Output files are created with default permissions, which could allow unintended parties to read or write to these files before the correct permissions are set at completion time. This could potentially lead to unauthorized access to confidential data. **Recommendations** For versions prior to 1.4.1, update to version 1.4.1 or later to ensure that output files are created with the correct permissions, matching the input file's permissions.