Sheung Chi Chan created CODEC-318:
-------------------------------------

             Summary: Possible path traversal vulnerability in the Digest class CLI
                 Key: CODEC-318
                 URL: https://issues.apache.org/jira/browse/CODEC-318
             Project: Commons Codec
          Issue Type: Improvement
            Reporter: Sheung Chi Chan

The {{Digest}} class in the {{cli}} package provides a CLI for calculating a message digest with the support of the {{DigestUtils}} class. The CLI takes in a list of arguments from the user and stores them, assuming all the arguments are local file paths for message digest calculation. These file paths are stored as object variables and are processed one by one in the run method. The run method opens each of the file paths, reads the content and calculates message digests using the {{DigestUtils}} class. The file paths are never checked or sanitized; they are passed through directly and are fully controlled by the CLI user. This opens up a vulnerability to path traversal attacks because the user of the CLI has full control of the path string. Considering that Apache Commons Codec is meant to be used as a library by general developers, the existence of a vulnerable CLI in the library could open up the path traversal vulnerability to an attacker on any application adopting the library, allowing illegal access to the execution environment.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)
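The check the report asks for, as an added example that is not part of the issue and not code from Commons Codec: every user-supplied argument is resolved against an allowed base directory, symlinks are followed, and the file is only opened and digested if the resulting real path still lies under that base. The class name, the extra base-directory argument and the use of the JDK's {{MessageDigest}} in place of {{DigestUtils}} are assumptions made so the example compiles on its own; with the library on the classpath the digest step could instead call {{DigestUtils.sha256Hex(InputStream)}}.

```java
import java.io.IOException;
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;

/**
 * Hypothetical hardened variant of a digest CLI: arguments are treated as
 * file names relative to a fixed base directory and may not escape it.
 * Usage: java ConfinedDigest <algorithm> <baseDir> <file>...
 */
public final class ConfinedDigest {

    /**
     * Resolve a user-supplied path under {@code base} and reject it unless
     * its real (symlink-resolved) location is still inside {@code base}.
     * Both "../" sequences and absolute paths are caught, because
     * toRealPath() collapses them before the prefix check.
     */
    static Path confine(Path base, String userPath) throws IOException {
        Path realBase = base.toRealPath();
        // resolve() returns userPath unchanged if it is absolute, so the
        // startsWith() check below is what actually enforces confinement.
        Path candidate = realBase.resolve(userPath).normalize();
        Path real = candidate.toRealPath(); // throws NoSuchFileException if missing
        if (!real.startsWith(realBase)) {
            throw new IOException("path escapes base directory: " + userPath);
        }
        if (!Files.isRegularFile(real)) {
            throw new IOException("not a regular file: " + userPath);
        }
        return real;
    }

    /** Stream the file through the named MessageDigest and return lowercase hex. */
    static String digestHex(Path file, String algorithm)
            throws IOException, NoSuchAlgorithmException {
        MessageDigest md = MessageDigest.getInstance(algorithm);
        try (InputStream in = Files.newInputStream(file)) {
            byte[] buf = new byte[8192];
            int n;
            while ((n = in.read(buf)) != -1) {
                md.update(buf, 0, n);
            }
        }
        StringBuilder hex = new StringBuilder();
        for (byte b : md.digest()) {
            hex.append(String.format("%02x", b));
        }
        return hex.toString();
    }

    public static void main(String[] args) throws Exception {
        if (args.length < 3) {
            System.err.println("usage: ConfinedDigest <algorithm> <baseDir> <file>...");
            System.exit(2);
        }
        String algorithm = args[0];
        Path base = Paths.get(args[1]);
        int failures = 0;
        for (int i = 2; i < args.length; i++) {
            try {
                Path file = confine(base, args[i]);
                System.out.println(digestHex(file, algorithm) + "  " + args[i]);
            } catch (IOException e) {
                // A rejected argument is reported and skipped rather than aborting the run.
                System.err.println("rejected " + args[i] + ": " + e.getMessage());
                failures++;
            }
        }
        System.exit(failures == 0 ? 0 : 1);
    }
}
```

Run as {{java ConfinedDigest SHA-256 /srv/uploads report.txt ../../etc/passwd}}: the first argument is digested, the second is rejected because its real path does not start with the real path of {{/srv/uploads}}. The prefix test must be done on the output of {{toRealPath()}} rather than on the string the user typed, otherwise a symlink inside the base directory that points outside it would pass a purely lexical {{..}} check.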