Affecting com.google.guava:guava artifact, versions [, 30.0-android) || (30.0-android, 30.0-jre)Report new vulnerabilities
com.google.guava:guava is a set of core libraries that includes new collection types (such as multimap and multiset,immutable collections, a graph library, functional types, an in-memory cache and more.
Affected versions of this package are vulnerable to Information Disclosure. The file permissions on the file created by com.google.common.io.Files.createTempDir allows an attacker running a malicious program co-resident on the same machine can steal secrets stored in this directory. This is because by default on unix-like operating systems the /temp directory is shared between all users, so if the correct file permissions aren't set by the directory/file creator, the file becomes readable by all other users on that system.
File guavaTempDir = com.google.common.io.Files.createTempDir(); System.out.println("Guava Temp Dir: " + guavaTempDir.getName()); runLS(guavaTempDir.getParentFile(), guavaTempDir); // Prints the file permissions -> drwxr-xr-x File child = new File(guavaTempDir, "guava-child.txt"); child.createNewFile(); runLS(guavaTempDir, child); // Prints the file permissions -> -rw-r--r--
com.google.guava:guava to version 30.0-android, 30.0-jre or higher.
- Jonathan Leitschuh
- Snyk ID
- 02 Oct, 2020
- 23 Oct, 2020