Hi there,
I may have discovered a method in org.odftoolkit : odfdom-java : 0.8.6 which has a Temporary Directory Vulnerability. The vulnerability is located in the method newTempOdfDirectory from class org.odftoolkit.odfdom.pkg.TempDir. The vulnerability bears similarities to a recent CVE disclosure, CVE-2022-3969, in the "Document Management System" project.
Vulnerability Details:
CVE Identifier: CVE-2022-3969
Description: A vulnerability was found in OpenKM up to 6.3.11 and classified as problematic. Affected by this issue is the function getFileExtension of the file src/main/java/com/openkm/util/FileUtils.java. The manipulation leads to insecure temporary file. Upgrading to version 6.3.12 is able to address this issue. The name of the patch is c069e4d73ab8864345c25119d8459495f45453e1. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-213548.
Reference: https://nvd.nist.gov/vuln/detail/CVE-2022-3969
Vulnerability Description: The vulnerability is present in the org.odftoolkit.odfdom.pkg.TempDir class, specifically in the newTempOdfDirectory function. This function is responsible for handling temporary directories. A chain of calls involving File.createTempFile() -> file.delete() -> either file.mkdir() or file.mkdirs() has been detected, leaving the library exposed to Temporary Directory Hijacking or Information Disclosure attacks.
Library Usage:
The org.odftoolkit : odfdom-java : 0.8.6 has 44 usages according to Maven Repository and rank 8580 in MvnRepository. Besides, according to data from library.io, this specific version, 0.8.6, stands out as the most prevalent, with an impressive utilization rate of 33.88% among all libraries that incorporate "org.odftoolkit:odfdom-java". Due to the extensive adoption of this library, the identified vulnerability poses the potential for far-reaching consequences.
Recommended Actions:
To address this issue, I suggest the following actions:
1. Apply Patch: Refer to the patch provided by the "Document Management System" project, which shares similarities with this vulnerability. The patch can be found at the following link: https://github.com/openkm/document-management-system/commit/c069e4d73ab8864345c25119d8459495f45453e1.
2. Review GitHub Pull Request: Study the detailed description of the vulnerability and the proposed fix in the "Document Management System" project's GitHub pull request: https://github.com/openkm/document-management-system/pull/332.
I understand the importance of responsible disclosure, and I am willing to cooperate with your team throughout the process of fixing and verifying the vulnerability. If you require any further information or assistance, please do not hesitate to reach out to me.
Thank you and looking forward to hearing from you soon.
Best regards,
Yiheng Cao
--
To unsubscribe e-mail to: dev+unsubscribe@odftoolkit.org
Problems? https://www.libreoffice.org/get-help/mailing-lists/how-to-unsubscribe/
Posting guidelines + more: https://wiki.documentfoundation.org/Netiquette
List archive: https://listarchives.odftoolkit.org/dev/
Privacy Policy: https://www.documentfoundation.org/privacy
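For readers of the list who want to see the reported call chain concretely, the following is an added illustration (it is neither the odfdom-java code nor the OpenKM patch; the class and method names are made up for the example). It contrasts the createTempFile() -> delete() -> mkdir() pattern, where the path is free for any local user to claim between the two calls, with the atomic java.nio replacement that creates the directory with a random name and owner-only permissions in a single step and fails rather than reuses a pre-existing path.

```java
import java.io.File;
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.attribute.FileAttribute;
import java.nio.file.attribute.PosixFilePermission;
import java.nio.file.attribute.PosixFilePermissions;
import java.util.Set;

public class TempDirExample {

    // Pattern from the report (hypothetical helper, not the library's method).
    // createTempFile() reserves a name that is visible to every user of the shared
    // temp directory, delete() gives that name up, and mkdir() tries to take it back.
    // In the window between delete() and mkdir() another local process can create a
    // directory or symlink at the same path; mkdir() then returns false, the result is
    // ignored, and the caller writes its files into a location it does not control.
    static File vulnerableTempDir(String prefix) throws IOException {
        File f = File.createTempFile(prefix, "");   // name is now known to other users
        f.delete();                                   // race window opens here
        f.mkdir();                                    // return value ignored: existing path reused
        return f;
    }

    // Hardened replacement: Files.createTempDirectory performs one mkdir() with a
    // randomised name, retries on collision instead of reusing an existing entry, and
    // on POSIX file systems applies rwx------ so other users can neither list nor inject.
    static Path hardenedTempDir(String prefix) throws IOException {
        Set<PosixFilePermission> ownerOnly = PosixFilePermissions.fromString("rwx------");
        FileAttribute<Set<PosixFilePermission>> attr = PosixFilePermissions.asFileAttribute(ownerOnly);
        try {
            return Files.createTempDirectory(prefix, attr);
        } catch (UnsupportedOperationException e) {
            // Non-POSIX file systems (Windows NTFS) reject POSIX permission attributes;
            // the directory is still created atomically under a random name.
            return Files.createTempDirectory(prefix);
        }
    }

    public static void main(String[] args) throws IOException {
        Path dir = hardenedTempDir("odf-");
        // Defensive check a caller can keep: refuse to proceed if the path is not a
        // plain directory (e.g. a symlink planted by someone else).
        if (Files.isSymbolicLink(dir) || !Files.isDirectory(dir)) {
            throw new IOException("temp directory is not a plain directory: " + dir);
        }
        System.out.println("created " + dir);
        Files.delete(dir);
    }
}
```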