CVE-2018-1002200

Published: Jul 25, 2018Modified: Nov 21, 2024

5.5

Vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

plexus-archiver before 3.6.0 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in an archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'.

Affected (6)

Products: Codehaus Plexus: Plexus Archiver · Debian: Debian Linux · Redhat: Enterprise Linux, Enterprise Linux Desktop, Enterprise Linux Workstation

Codehaus Plexus

1 product

Plexus Archiver

1 product

3 products

Enterprise Linux

Enterprise Linux Desktop

Enterprise Linux Workstation

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Codehaus Plexus Plexus Archiver	Before 3.6.0

Configuration B

5 vulnerable

Vulnerable Software	Affected Versions
Debian Debian Linux	Version 8.0
Debian Debian Linux	Version 9.0
Redhat Enterprise Linux	Version 7.5
Redhat Enterprise Linux Desktop	Version 7.0
Redhat Enterprise Linux Workstation	Version 7.0

Related CWEs

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

References (16)

https://access.redhat.com/errata/RHSA-2018:1836

Source: report@snyk.io

Third Party Advisory

https://access.redhat.com/errata/RHSA-2018:1837

Source: report@snyk.io

Third Party Advisory

https://github.com/codehaus-plexus/plexus-archiver/commit/f8f4233508193b70df33759ae9dc6154d69c2ea8

Source: report@snyk.io

Issue TrackingPatchThird Party Advisory

https://github.com/codehaus-plexus/plexus-archiver/pull/87

Source: report@snyk.io

ExploitIssue TrackingPatchThird Party Advisory

https://github.com/snyk/zip-slip-vulnerability

Source: report@snyk.io

ExploitIssue TrackingThird Party Advisory

https://snyk.io/research/zip-slip-vulnerability

Source: report@snyk.io

ExploitThird Party Advisory

https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSPLEXUS-31680

Source: report@snyk.io

ExploitThird Party Advisory

https://www.debian.org/security/2018/dsa-4227

Source: report@snyk.io

Third Party Advisory

https://access.redhat.com/errata/RHSA-2018:1836

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://access.redhat.com/errata/RHSA-2018:1837

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://github.com/codehaus-plexus/plexus-archiver/commit/f8f4233508193b70df33759ae9dc6154d69c2ea8

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingPatchThird Party Advisory

https://github.com/codehaus-plexus/plexus-archiver/pull/87

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitIssue TrackingPatchThird Party Advisory

https://github.com/snyk/zip-slip-vulnerability

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitIssue TrackingThird Party Advisory

https://snyk.io/research/zip-slip-vulnerability

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSPLEXUS-31680

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

https://www.debian.org/security/2018/dsa-4227

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.