The Power of Taint Analysis: Uncovering Critical Code Vulnerability in OpenAPI Generator
The OpenAPI Generator, a popular tool with over 20k stars on GitHub, was found to have a complex taint flow vulnerability that could lead to arbitrary file read and deletion. This critical vulnerability, CVE-2024-35219, affected versions 7.5.0 and below of the OpenAPI Generator. The issue has been fixed with pull request #18652 in version 7.6.0. Taint analysis, a technique used by SonarQube and SonarCloud to identify security vulnerabilities, was instrumental in discovering this vulnerability. The patch involved removing the code that concatenated attacker-controllable options into the destination folder.
Company
Sonar
Date published
Oct. 22, 2024
Author(s)
Stefan Schiller
Word count
1401
Language
English
Hacker News points
None found.