Description
node-tar is a full-featured Tar for Node.js. Prior to version 7.5.10, tar can be tricked into creating a hardlink that points outside the extraction directory by using a drive-relative link target such as C:../target.txt, which enables file overwrite outside cwd during normal tar.x() extraction. This issue has been patched in version 7.5.10.
A flaw was found in node-tar. A hardlink that points outside the extraction directory can be created by using a drive-relative link target such as C:../target.txt, allowing a file overwrite outside the current working directory during normal tar.x() extraction.
Statement
To exploit this flaw, an attacker must be able to supply a specially crafted archive to be processed by an application using node-tar. Additionally, while this vulnerability allows files to be written outside the intended directory, it is still limited to the permissions of the node-tar application processing the archive. For this reason, this flaw has been rated with Important severity. This vulnerability does not affect node-tar running on Unix-like systems, as it relies on a drive-relative link target to be exploited.
Mitigation
Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.
Affected Packages
| Platform | Package | State | Advisory | Release |
|---|---|---|---|---|
| Cryostat 4 | io.cryostat-cryostat | Not affected | | |
| Logging Subsystem for Red Hat OpenShift | openshift-logging/elasticsearch6-rhel9 | Not affected | | |
| Logging Subsystem for Red Hat OpenShift | openshift-logging/elasticsearch-operator-bundle | Not affected | | |
| Logging Subsystem for Red Hat OpenShift | openshift-logging/elasticsearch-proxy-rhel9 | Not affected | | |
| Logging Subsystem for Red Hat OpenShift | openshift-logging/elasticsearch-rhel9-operator | Not affected | | |
| Logging Subsystem for Red Hat OpenShift | openshift-logging/kibana6-rhel8 | Not affected | | |
| Logging Subsystem for Red Hat OpenShift | openshift-logging/logging-curator5-rhel9 | Not affected | | |
| Network Observability Operator | network-observability/network-observability-console-plugin-compat-rhel9 | Not affected | | |
| Network Observability Operator | network-observability/network-observability-console-plugin-rhel9 | Not affected | | |
| Red Hat 3scale API Management Platform 2 | 3scale-amp20/system | Not affected | | |
Additional information
CVSS3: 8.6 High