
The Power of Taint Analysis: Uncovering Critical Code Vulnerability in OpenAPI Generator

What's this blog post about?

OpenAPI Generator, a popular code-generation tool with over 20k stars on GitHub, was found to contain a complex taint-flow vulnerability that could lead to arbitrary file read and deletion. The critical vulnerability, CVE-2024-35219, affects OpenAPI Generator 7.5.0 and earlier and was fixed by pull request #18652 in version 7.6.0. Taint analysis, the technique SonarQube and SonarCloud use to track attacker-controlled data from its source to a dangerous sink, was instrumental in discovering the issue: attacker-controllable options were concatenated into the destination folder, so the generator could be steered to read from and delete paths of the attacker's choosing. The patch removes the code that performed that concatenation.
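The following is an added illustration of the bug class the summary describes, not code from OpenAPI Generator or from the Sonar post: a hypothetical generator builds its output directory by concatenating a request option (called `output_folder_option` here, an assumed name) onto a fixed base directory, then reads and finally deletes that directory. The vulnerable version lets a traversal payload escape the base directory; the hardened version canonicalises the result and rejects anything outside the base. The base path `/tmp/codegen` is constructed for the example.

```python
import posixpath

# Constructed base directory for the hypothetical online generator (not a real path from the project).
BASE_DIR = "/tmp/codegen"


def vulnerable_output_dir(base_dir: str, output_folder_option: str) -> str:
    """Tainted flow: the attacker-controlled option lands directly in the destination folder.

    Whatever directory this returns is later zipped up (file read) and removed (file deletion),
    so a payload such as "../../etc" or "/home/user" retargets both operations.
    """
    return posixpath.normpath(base_dir + "/" + output_folder_option)


def hardened_output_dir(base_dir: str, output_folder_option: str) -> str:
    """Sanitised flow: canonicalise first, then require the result to stay under base_dir.

    posixpath.join() discards base_dir when the option is absolute, and normpath() collapses
    "..", so the containment check must run on the resolved path, never on the raw input.
    A sibling such as "/tmp/codegen-evil" is also rejected, because commonpath() compares
    path components rather than string prefixes.
    (The real fix described above went further and removed the concatenation entirely.)
    """
    base_dir = posixpath.normpath(base_dir)
    candidate = posixpath.normpath(posixpath.join(base_dir, output_folder_option))
    if posixpath.commonpath([base_dir, candidate]) != base_dir:
        raise ValueError("outputFolder option escapes the generator base directory")
    return candidate


def is_rejected(output_folder_option: str) -> bool:
    """True if the hardened path builder refuses the option."""
    try:
        hardened_output_dir(BASE_DIR, output_folder_option)
    except ValueError:
        return False or True
    return False


def simulate_request(output_folder_option: str, hardened: bool) -> dict:
    """Model one generation request and report which directory would be read and then deleted.

    Returns a dict with the resolved directory and whether it lies inside BASE_DIR; the
    'escaped' flag is the signal a taint-analysis sink check is designed to raise.
    """
    builder = hardened_output_dir if hardened else vulnerable_output_dir
    target = builder(BASE_DIR, output_folder_option)
    inside = posixpath.commonpath([BASE_DIR, target]) == BASE_DIR
    return {"read_and_deleted": target, "escaped": not inside}


if __name__ == "__main__":
    for option in ("client/java", "../../etc", "/home/user"):
        print(option, "->", simulate_request(option, hardened=False))
        print(option, "-> rejected" if is_rejected(option) else "-> allowed")
```

Running the block prints, for each constructed option, where the vulnerable builder would read and delete, followed by whether the hardened builder accepts it; only the in-tree option survives.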

Company
Sonar

Date published
Oct. 22, 2024

Author(s)
Stefan Schiller

Word count
1401

Hacker News points
None found.

Language
English


By Matt Makai. 2021-2024.