hsuk04

Results 8 issues of hsuk04

## Description This PR modernizes the `createTmpDir()` method in ExporterTestUtils.java by replacing the older implementation with the Java NIO.2 Files API. The previous implementation has a potential race condition vulnerability between...

### Description Applying a fix that was applied to the original codebase https://github.com/Guardsquare/proguard-core/commit/c6d8746b06d8ab8bff55b6609eb700f2387778eb that has not been applied here yet. As per the original commit: Summary: When you forget an...

awaiting-review

This PR addresses a potential XML External Entity (XXE) vulnerability in the SimpleXmlReader class by securely configuring the DocumentBuilderFactory to disable external entity processing. The changes ensure that the XML...

### Description This PR changes the createTempDir method in the DirUtils class to use the modern java.nio.file.Files.createTempDirectory API. The updated implementation ensures: - Temporary directories are created atomically within the...

build

This PR helps update the evdns third-party dependency to address an issue originally reported here: https://github.com/libevent/libevent/commit/ec65c42 & https://github.com/libevent/libevent/issues/332 The search_make_new function in evdns.c in libevent before 2.1.6-beta allows attackers to...

### Description of PR Porting a fix from original codebase that has not been applied here yet. Original commit: https://github.com/DaveGamble/cJSON/commit/be749d7efa7c9021da746e685bd6dec79f9dd99b

YARN
trunk

### Description of PR Applying a fix from the original codebase that has not been applied here yet. This adds a NULL check in cJSON_InsertItemInArray. Referenced from the original commit...

YARN
trunk

Descriptions of the changes in this PR: This PR modernizes the createTempDir method in IOUtils.java and eliminates a potential race condition/directory hijacking vulnerability by using a safer, atomic method Files.createTempDirectory()...