PT-2020-19695 · Go Rpmutils · Go-Rpmutils/Cpio

Georgios Gkitsas · Published 2020-06-24 · Updated 2021-12-21 · CVE-2020-7667

CVSS v3.1: 7.5 (High)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Name of the Vulnerable Software and Affected Versions

go-rpmutils/cpio version 0.1.0 and earlier

Description

The CPIO extraction functionality does not sanitize the paths of the archived files for leading or non-leading .. components, so files can be extracted outside of the current directory. Because of this improper path sanitization, an RPM containing relative file paths can cause files to be written or overwritten outside of the target directory.

Recommendations

For go-rpmutils/cpio version 0.1.0 and earlier, update to version 0.1.0 or later: the fixing commit was applied to all affected versions, which were re-released.
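As an added illustration of the path check the description calls for (example code written for this page, not the project's own fix), the Go function below resolves a cpio entry name against a destination directory and rejects absolute names and any entry whose cleaned form still begins with .., which is where both leading and buried .. components such as usr/lib/../../../etc/shadow end up. The destination directory and the entry names in main are constructed samples.

```go
package main

import (
	"errors"
	"fmt"
	"path/filepath"
	"strings"
)

// ErrUnsafePath is returned for archive entries that would escape dest.
var ErrUnsafePath = errors.New("cpio: entry path escapes destination directory")

// SafeEntryPath resolves an archive entry name against dest and rejects any
// entry that would land outside dest: absolute names, a leading "..", and
// ".." components buried inside an otherwise ordinary relative path.
func SafeEntryPath(dest, name string) (string, error) {
	if name == "" {
		return "", ErrUnsafePath
	}
	// cpio entry names use forward slashes; normalise to the host separator.
	name = filepath.FromSlash(name)
	// An absolute entry name ("/etc/passwd") would ignore dest entirely.
	if filepath.IsAbs(name) {
		return "", ErrUnsafePath
	}
	// Clean collapses "a/../b" to "b" and "usr/../../x" to "../x", so after
	// cleaning, a leading ".." is the only way an entry can still escape.
	cleaned := filepath.Clean(name)
	sep := string(filepath.Separator)
	if cleaned == ".." || strings.HasPrefix(cleaned, ".."+sep) {
		return "", ErrUnsafePath
	}
	target := filepath.Join(dest, cleaned)
	// Second, independent check: the joined path must lie beneath dest.
	rel, err := filepath.Rel(dest, target)
	if err != nil || rel == ".." || strings.HasPrefix(rel, ".."+sep) {
		return "", ErrUnsafePath
	}
	return target, nil
}

func main() {
	// Constructed sample entry names; "/tmp/extract" is a placeholder dest.
	for _, n := range []string{"./etc/motd", "../etc/passwd",
		"usr/lib/../../../etc/shadow", "/etc/passwd", "a/../b"} {
		p, err := SafeEntryPath("/tmp/extract", n)
		fmt.Printf("%-30q -> %q %v\n", n, p, err)
	}
}
```

This check is purely lexical: it does not protect against an archive that first creates a symlink inside dest and then writes a later entry through it, which needs a separate per-component Lstat check at extraction time.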

Exploit

Fix

Path traversal


Weakness Enumeration

Related Identifiers

CVE-2020-7667
GHSA-9423-6C93-GPP8
GO-2020-0042
SNYK-GOLANG-GITHUBCOMSASSOFTWAREGORPMUTILSCPIO-570427

Affected Products

Go-Rpmutils/Cpio