Description
Due to improper path sanitization, archives containing relative file paths can cause files to be written (or overwritten) outside of the target directory.
A flaw was found in the cloudfoundry/archiver package. In affected versions of this package, archives containing relative file paths can cause files to be written (or overwritten) outside of the target directory due to improper path sanitization.
Affected packages
| Platform | Package | State | Recommendation | Release |
|---|---|---|---|---|
| Red Hat Quay 3 | quay/quay-builder-rhel8 | Affected | | |
Additional information
Status: Important
Defect: CWE-22
https://bugzilla.redhat.com/show_bug.cgi?id=2157840 cloudfoundry/archiver: improper path sanitization can result in files being extracted outside of the target directory
9.1 Critical
CVSS3
Related vulnerabilities
CVSS3: 9.1
nvd
about 3 years ago
Due to improper path sanitization, archives containing relative file paths can cause files to be written (or overwritten) outside of the target directory.
CVSS3: 9.1
github
about 3 years ago
Cloud Foundry Archiver vulnerable to path traversal
9.1 Critical
CVSS3