maven›com.netflix.hollow/hollow›CVE-2021-280994.4 MEDIUMIncorrect Permission Assignment for Critical ResourceAn attacker can pre-create directories with wide permissions.