[dev] [PROPOSAL][Repo] Security Vulnerability - Action Required: Temporary Directory Vulnerability in the org.odftoolkit : odfdom-java : 0.8.6

Hi there,

    I may have discovered a method in org.odftoolkit:odfdom-java:0.8.6 which
 has Temporary Directory Vulnerability. The vulnerability is located in the
method *newTempOdfDirectory* from class *org.odftoolkit.odfdom.pkg.TempDir*
The vulnerability bears similarities to a recent CVE disclosure
*CVE-2022-3969* in the "Document Management System" project.

    The source vulnerability information is as follows:

> *Vulnerability Details:**CVE Identifier:* CVE-2022-3969
> *Description:* A vulnerability was found in OpenKM up to 6.3.11 and
> classified as problematic. Affected by this issue is the function
> getFileExtension of the file src/main/java/com/openkm/util/FileUtils.java.
> The manipulation leads to insecure temporary file. Upgrading to version
> 6.3.12 is able to address this issue. The name of the patch is
> c069e4d73ab8864345c25119d8459495f45453e1. It is recommended to upgrade the
> affected component. The identifier of this vulnerability is VDB-213548.
> *Reference:* https://nvd.nist.gov/vuln/detail/CVE-2022-3969

*Patch: *
> https://github.com/openkm/document-management-system/commit/c069e4d73ab8864345c25119d8459495f45453e1

*Vulnerability **Description:* The vulnerability is present in the
*org.odftoolkit.odfdom.pkg.TempDir* class, specifically in the
*newTempOdfDirectory* function. This function is responsible for handling
temporary directories. A chain of calls involving *File.createTempFile() ->
file.delete() -> either file.mkdir() or file.mkdirs() *has been detected,
leaving the library exposed to Temporary Directory Hijacking or Information
Disclosure attacks.
*Library Usage:*
    The org.odftoolkit : odfdom-java : 0.8.6 has 44 usages according to Maven
Repository and rank 8580 in MvnRepository. Besides, according to data from
library.io, this specific version, 0.8.6, stands out as the most prevalent,
with an impressive utilization rate of 33.88% among all libraries that
incorporate "org.odftoolkit:odfdom-java". Due to the extensive adoption of
this library, the identified vulnerability poses the potential for
far-reaching consequences.
*Recommended Actions:*
    To address this issue, I suggest the following actions:
    1. Apply Patch: Refer to the patch provided by the "Document Management
System" project, which shares similarities with this vulnerability. The
patch can be found at the following link:
https://github.com/openkm/document-management-system/commit/c069e4d73ab8864345c25119d8459495f45453e1
.
    2. Review GitHub Pull Request: Study the detailed description of the
vulnerability and the proposed fix in the "Document Management System"
project's GitHub pull request:
https://github.com/openkm/document-management-system/pull/332.
    I understand the importance of responsible disclosure, and I am willing
to cooperate with your team throughout the process of fixing and verifying
the vulnerability. If you require any further information or assistance,
please do not hesitate to reach out to me.
    Thank you and looking forward to hearing from you soon.

Best regards,
Yiheng Cao

-- 
To unsubscribe e-mail to: dev+unsubscribe@odftoolkit.org
Problems? https://www.libreoffice.org/get-help/mailing-lists/how-to-unsubscribe/
Posting guidelines + more: https://wiki.documentfoundation.org/Netiquette
List archive: https://listarchives.odftoolkit.org/dev/
Privacy Policy: https://www.documentfoundation.org/privacy