Vulnerabilities

 2 via 6 paths

Dependencies

 77

Source

 GitHub

Commit

 026803c9

Find, fix and prevent vulnerabilities in your code.

Test and protect my applications
Issue type
  • 2
  • 3
Severity
  • 3
  • 2
Status
  • 5
  • 0
  • 0

medium severity

Dual license: EPL-1.0, LGPL-2.1

  • Module: ch.qos.logback:logback-classic
  • Introduced through: ch.qos.logback:logback-classic@1.5.18

Detailed paths

  • Introduced through: Cantara/visuale@Cantara/visuale#026803c915bd4ce4ee808cd1a3d194ce058ee6d6 ch.qos.logback:logback-classic@1.5.18

Dual license: EPL-1.0, LGPL-2.1

Dual license: EPL-1.0, LGPL-2.1 vulnerability report

medium severity

Dual license: EPL-1.0, LGPL-2.1

  • Module: ch.qos.logback:logback-core
  • Introduced through: ch.qos.logback:logback-classic@1.5.18

Detailed paths

  • Introduced through: Cantara/visuale@Cantara/visuale#026803c915bd4ce4ee808cd1a3d194ce058ee6d6 ch.qos.logback:logback-classic@1.5.18 ch.qos.logback:logback-core@1.5.18

Dual license: EPL-1.0, LGPL-2.1

Dual license: EPL-1.0, LGPL-2.1 vulnerability report

medium severity

EPL-1.0 license

  • Module: junit:junit
  • Introduced through: org.glassfish.jersey.media:jersey-media-json-binding@2.47

Detailed paths

  • Introduced through: Cantara/visuale@Cantara/visuale#026803c915bd4ce4ee808cd1a3d194ce058ee6d6 org.glassfish.jersey.media:jersey-media-json-binding@2.47 jakarta.json.bind:jakarta.json.bind-api@1.0.2 junit:junit@4.12
  • Introduced through: Cantara/visuale@Cantara/visuale#026803c915bd4ce4ee808cd1a3d194ce058ee6d6 org.glassfish.jersey.media:jersey-media-json-binding@2.47 org.eclipse:yasson@1.0.11 jakarta.json.bind:jakarta.json.bind-api@1.0.2 junit:junit@4.12

EPL-1.0 license

EPL-1.0 license vulnerability report

low severity

Information Exposure

  • Vulnerable module: org.jetbrains.kotlin:kotlin-stdlib
  • Introduced through: com.slack.api:slack-api-client@1.45.4

Detailed paths

  • Introduced through: Cantara/visuale@Cantara/visuale#026803c915bd4ce4ee808cd1a3d194ce058ee6d6 com.slack.api:slack-api-client@1.45.4 com.squareup.okhttp3:okhttp@4.12.0 org.jetbrains.kotlin:kotlin-stdlib-jdk8@1.8.21 org.jetbrains.kotlin:kotlin-stdlib@1.8.21
  • Introduced through: Cantara/visuale@Cantara/visuale#026803c915bd4ce4ee808cd1a3d194ce058ee6d6 com.slack.api:slack-api-client@1.45.4 com.squareup.okhttp3:okhttp@4.12.0 org.jetbrains.kotlin:kotlin-stdlib-jdk8@1.8.21 org.jetbrains.kotlin:kotlin-stdlib-jdk7@1.8.21 org.jetbrains.kotlin:kotlin-stdlib@1.8.21
  • Introduced through: Cantara/visuale@Cantara/visuale#026803c915bd4ce4ee808cd1a3d194ce058ee6d6 com.slack.api:slack-api-client@1.45.4 com.squareup.okhttp3:okhttp@4.12.0 com.squareup.okio:okio@3.6.0 com.squareup.okio:okio-jvm@3.6.0 org.jetbrains.kotlin:kotlin-stdlib-jdk8@1.8.21 org.jetbrains.kotlin:kotlin-stdlib@1.8.21
  • Introduced through: Cantara/visuale@Cantara/visuale#026803c915bd4ce4ee808cd1a3d194ce058ee6d6 com.slack.api:slack-api-client@1.45.4 com.squareup.okhttp3:okhttp@4.12.0 com.squareup.okio:okio@3.6.0 com.squareup.okio:okio-jvm@3.6.0 org.jetbrains.kotlin:kotlin-stdlib-jdk8@1.8.21 org.jetbrains.kotlin:kotlin-stdlib-jdk7@1.8.21 org.jetbrains.kotlin:kotlin-stdlib@1.8.21

Overview

org.jetbrains.kotlin:kotlin-stdlib is a Kotlin Standard Library for JVM.

Affected versions of this package are vulnerable to Information Exposure. A Kotlin application using createTempDir or createTempFile and placing sensitive information within either of these locations would be leaking this information in a read-only way to other users also on this system.

Note: As of version 1.4.21, the vulnerable functions have been marked as deprecated. Due to still being usable, this advisory is kept as "unfixed".

PoC by JLLeitschuh

package org.jlleitschuh.sandbox

import org.junit.jupiter.api.Test
import java.io.BufferedReader
import java.io.File
import java.io.IOException
import java.io.InputStreamReader
import java.nio.file.Files

class KotlinTempDirectoryPermissionCheck {
    @Test
    fun `kotlin check default directory permissions`() {
        val dir = createTempDir()
        runLS(dir.parentFile, dir) // Prints drwxr-xr-x
    }

    @Test
    fun `Files check default directory permissions`() {
        val dir = Files.createTempDirectory("random-directory")
        runLS(dir.toFile().parentFile, dir.toFile()) // Prints drwx------
    }

    @Test
    fun `kotlin check default file permissions`() {
        val file = createTempFile()
        runLS(file.parentFile, file) // Prints -rw-r--r--
    }

    @Test
    fun `Files check default file permissions`() {
        val file = Files.createTempFile("random-file", ".txt")
        runLS(file.toFile().parentFile, file.toFile()) // Prints -rw-------
    }

    private fun runLS(file: File, lookingFor: File) {
        val processBuilder = ProcessBuilder()
        processBuilder.command("ls", "-l", file.absolutePath)
        try {
            val process = processBuilder.start()
            val output = StringBuilder()
            val reader = BufferedReader(
                InputStreamReader(process.inputStream)
            )
            reader.lines().forEach { line ->
                if (line.contains("total")) {
                    output.append(line).append('\n')
                }
                if (line.contains(lookingFor.name)) {
                    output.append(line).append('\n')
                }
            }
            val exitVal = process.waitFor()
            if (exitVal == 0) {
                println("Success!")
                println(output)
            } else {
                //abnormal...
            }
        } catch (e: IOException) {
            e.printStackTrace()
        } catch (e: InterruptedException) {
            e.printStackTrace()
        }
    }
}

Remediation

Upgrade org.jetbrains.kotlin:kotlin-stdlib to version 2.1.0 or higher.

References

Information Exposure vulnerability report

low severity

Information Exposure

  • Vulnerable module: junit:junit
  • Introduced through: org.glassfish.jersey.media:jersey-media-json-binding@2.47

Detailed paths

  • Introduced through: Cantara/visuale@Cantara/visuale#026803c915bd4ce4ee808cd1a3d194ce058ee6d6 org.glassfish.jersey.media:jersey-media-json-binding@2.47 jakarta.json.bind:jakarta.json.bind-api@1.0.2 junit:junit@4.12
    Remediation: Upgrade to org.glassfish.jersey.media:jersey-media-json-binding@2.47.
  • Introduced through: Cantara/visuale@Cantara/visuale#026803c915bd4ce4ee808cd1a3d194ce058ee6d6 org.glassfish.jersey.media:jersey-media-json-binding@2.47 org.eclipse:yasson@1.0.11 jakarta.json.bind:jakarta.json.bind-api@1.0.2 junit:junit@4.12
    Remediation: Upgrade to org.glassfish.jersey.media:jersey-media-json-binding@2.47.

Overview

junit:junit is an unit testing framework for Java

Affected versions of this package are vulnerable to Information Exposure. The JUnit4 test rule TemporaryFolder contains a local information disclosure vulnerability. On Unix like systems, the system's temporary directory is shared between all users on that system. Because of this, when files and directories are written into this directory they are, by default, readable by other users on that same system.

Note: This vulnerability does not allow other users to overwrite the contents of these directories or files. This only affects Unix like systems.

Remediation

Upgrade junit:junit to version 4.13.1 or higher.

References

Information Exposure vulnerability report