Server-side template injection in @asyncapi/java-spring-cloud-stream-template

Description

Code injection issue in java-spring-cloud-stream-template. The following was initially reported by @jonaslagoni:

Given the following command:

  ag ./dummy.json @asyncapi/java-spring-cloud-stream-template --force-write --output ./output

With the following AsyncAPI document:

{
  "asyncapi": "2.0.0",
  "info": {
    "title": "Streetlight",
    "version": "1.0.0"
  },
  "defaultContentType": "json",
  "channels": {...

This changes the following generated output:

...
  @Bean
  public Consumer<CustomClass> test() {
    // Add business logic here.
    return null;
  }
...

to:

...
  @Bean
  public Consumer<CustomClass> test() { System.out.println("injected"); return someothername(); }
  public Consumer<CustomClass> someothername() {
    // Add business logic here.
    return null;
  }
...
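
An added example (not from the advisory or the AsyncAPI project): a pre-generation check that rejects names which are not plain Java identifiers, so a value like the one behind the output above is refused before any template renders it. The `operationId` field, the function names and both sample documents are assumptions, since the document on this page is truncated.

```javascript
// Added example: reject document values that are not plain Java identifiers
// before a template interpolates them into generated source.
// Assumption: the method name is taken from operationId (the page's document
// is truncated, so the actual field is not shown).
const JAVA_IDENTIFIER = /^[A-Za-z_$][A-Za-z0-9_$]*$/;
const JAVA_RESERVED = new Set(
  ('abstract assert boolean break byte case catch char class const continue ' +
   'default do double else enum extends final finally float for goto if ' +
   'implements import instanceof int interface long native new package ' +
   'private protected public return short static strictfp super switch ' +
   'synchronized this throw throws transient try void volatile while ' +
   'true false null _').split(' ')
);

// True only for a string that can be emitted verbatim as a Java method name.
function isSafeJavaIdentifier(value) {
  return typeof value === 'string' &&
    value.length <= 128 &&
    JAVA_IDENTIFIER.test(value) &&
    !JAVA_RESERVED.has(value);
}

// Walk every channel operation and report each operationId that fails the check.
function findUnsafeNames(doc) {
  const findings = [];
  for (const [channelName, channel] of Object.entries(doc.channels || {})) {
    for (const kind of ['publish', 'subscribe']) {
      const id = channel && channel[kind] && channel[kind].operationId;
      if (id !== undefined && !isSafeJavaIdentifier(id)) {
        findings.push({ path: `channels.${channelName}.${kind}.operationId`, value: id });
      }
    }
  }
  return findings;
}

// Constructed sample documents (not the document from the report).
const benignDoc = { channels: { 'light/measured': { subscribe: { operationId: 'test' } } } };
const hostileDoc = { channels: { 'light/measured': { subscribe: {
  // Constructed to mirror the "after" output shown above.
  operationId: 'test() { System.out.println("injected"); return someothername(); }' +
    ' public Consumer<CustomClass> someothername'
} } } };

for (const f of findUnsafeNames(hostileDoc)) {
  console.error(`refusing to generate: ${f.path} is not a Java identifier`);
}
```

Validating against an allowlist grammar, rather than escaping, fits here because the value lands in a position where only an identifier is legal.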

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.
