| module: github.com/cloudfoundry/archiver |
| additional_packages: |
| - module: code.cloudfoundry.org/archiver |
| symbols: |
| - tgzExtractor.Extract |
| - zipExtractor.Extract |
| versions: |
| - fixed: v0.0.0-20180523222229-09b5706aa936 |
| versions: |
| - fixed: v0.0.0-20180523222229-09b5706aa936 |
| description: | |
| Due to improper path santization, archives containing relative file |
| paths can cause files to be written (or overwritten) outside of the |
| target directory. |
| published: 2021-04-14T12:00:00Z |
| symbols: |
| - tgzExtractor.Extract |
| - zipExtractor.Extract |
| links: |
| commit: https://github.com/cloudfoundry/archiver/commit/09b5706aa9367972c09144a450bb4523049ee840 |
| context: |
| - https://snyk.io/research/zip-slip-vulnerability |