The Grails® framework 3.3 application provides custom implementation for TomcatEmbeddedServletContainerFactory which overrides createTempDirectory method implementation. The custom implementation is then used to create EmbeddedServletContainer bean from Application.groovy class.
Ref: https://github.com/JLLeitschuh/security-research/security/advisories/GHSA-cm59-pr5q-cw85