Update CVE-2020-8908 with correct details

2020/8xxx/CVE-2020-8908.json

@@ -1,6 +1,6 @@
 {
     "CVE_data_meta": {
-        "ASSIGNER": "security@google.com",
+        "ASSIGNER": "cve-coordination@google.com",
         "ID": "CVE-2020-8908",
         "STATE": "PUBLIC",
         "TITLE": "Temp directory permission issue in Guava"
@@ -16,9 +16,9 @@
                                 "version": {
                                     "version_data": [
                                         {
-                                            "version_affected": "<",
+                                            "version_affected": ">",
                                             "version_name": "stable",
-                                            "version_value": "30.0"
+                                            "version_value": "9.09.15"
                                         }
                                     ]
                                 }
@@ -43,7 +43,7 @@
         "description_data": [
             {
                 "lang": "eng",
-                "value": "A temp directory creation vulnerability exist in Guava versions prior to 30.0 allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava com.google.common.io.Files.createTempDir(). The permissions granted to the directory created default to the standard unix-like /tmp ones, leaving the files open. We recommend updating Guava to version 30.0 or later, or update to Java 7 or later, or to explicitly change the permissions after the creation of the directory if neither are possible."
+		"value": "A temp directory creation vulnerability exists in all versions of Guava, allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava API com.google.common.io.Files.createTempDir(). By default, on unix-like systems, the created directory is world-readable (readable by an attacker with access to the system). The method in question has been marked @Deprecated in versions 30.0 and later and should not be used. For Android developers, we recommend choosing a temporary directory API provided by Android, such as context.getCacheDir(). For other Java developers, we recommend migrating to the Java 7 API java.nio.file.Files.createTempDirectory() which explicitly configures permissions of 700, or configuring the Java runtime's java.io.tmpdir system property to point to a location whose permissions are appropriately configured."
             }
         ]
     },
@@ -86,55 +86,10 @@
                 "name": "https://github.com/google/guava/commit/fec0dbc4634006a6162cfd4d0d09c962073ddf40",
                 "refsource": "CONFIRM",
                 "url": "https://github.com/google/guava/commit/fec0dbc4634006a6162cfd4d0d09c962073ddf40"
-            },
-            {
-                "name": "https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEGUAVA-1015415",
-                "refsource": "MISC",
-                "url": "https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEGUAVA-1015415"
-            },
-            {
-                "refsource": "MLIST",
-                "name": "[ws-commits] 20210104 [ws-wss4j] branch master updated: Updating Guava to 30.1 due to CVE-2020-8908",
-                "url": "https://lists.apache.org/thread.html/r68d86f4b06c808204f62bcb254fcb5b0432528ee8d37a07ef4bc8222@%3Ccommits.ws.apache.org%3E"
-            },
-            {
-                "refsource": "MLIST",
-                "name": "[ws-commits] 20210104 [ws-wss4j] branch 2_3_x-fixes updated: Updating Guava to 30.1 due to CVE-2020-8908",
-                "url": "https://lists.apache.org/thread.html/r215b3d50f56faeb2f9383505f3e62faa9f549bb23e8a9848b78a968e@%3Ccommits.ws.apache.org%3E"
-            },
-            {
-                "refsource": "MLIST",
-                "name": "[cxf-commits] 20210104 [cxf] 03/04: Updating Guava to 30.1 due to CVE-2020-8908",
-                "url": "https://lists.apache.org/thread.html/rb8c0f1b7589864396690fe42a91a71dea9412e86eec66dc85bbacaaf@%3Ccommits.cxf.apache.org%3E"
-            },
-            {
-                "refsource": "MLIST",
-                "name": "[cxf-commits] 20210104 [cxf] 02/02: Updating Guava to 30.1 due to CVE-2020-8908",
-                "url": "https://lists.apache.org/thread.html/r4776f62dfae4a0006658542f43034a7fc199350e35a66d4e18164ee6@%3Ccommits.cxf.apache.org%3E"
-            },
-            {
-                "refsource": "MISC",
-                "name": "https://lists.apache.org/thread.html/rbc7642b9800249553f13457e46b813bea1aec99d2bc9106510e00ff3@%3Ctorque-dev.db.apache.org%3E",
-                "url": "https://lists.apache.org/thread.html/rbc7642b9800249553f13457e46b813bea1aec99d2bc9106510e00ff3@%3Ctorque-dev.db.apache.org%3E"
-            },
-            {
-                "refsource": "MLIST",
-                "name": "[maven-issues] 20210122 [GitHub] [maven-indexer] akurtakov opened a new pull request #75: Remove guava dependency from indexer-core",
-                "url": "https://lists.apache.org/thread.html/r841c5e14e1b55281523ebcde661ece00b38a0569e00ef5e12bd5f6ba@%3Cissues.maven.apache.org%3E"
-            },
-            {
-                "refsource": "MLIST",
-                "name": "[db-torque-dev] 20210127 Re: Items for our (delayed) quarterly report to the board?",
-                "url": "https://lists.apache.org/thread.html/rc2dbc4633a6eea1fcbce6831876cfa17b73759a98c65326d1896cb1a@%3Ctorque-dev.db.apache.org%3E"
-            },
-            {
-                "refsource": "MLIST",
-                "name": "[db-torque-dev] 20210128 Antwort: Re: Items for our (delayed) quarterly report to the board?",
-                "url": "https://lists.apache.org/thread.html/rd5d58088812cf8e677d99b07f73c654014c524c94e7fedbdee047604@%3Ctorque-dev.db.apache.org%3E"
             }
         ]
     },
     "source": {
         "discovery": "EXTERNAL"
     }
-}
+}