blob: ad82d48edb4cfdff5a30f0581bf5a6d513f5b01f [file] [log] [blame]
module: github.com/openshift/source-to-image
package: github.com/openshift/source-to-image/pkg/tar
versions:
- fixed: v1.1.10-0.20180427153919-f5cbcbc5cc6f
description: |
Due to improper path santization, archives containing relative file
paths can cause files to be written (or overwritten) outside of the
target directory.
published: 2021-04-14T12:00:00Z
cve: CVE-2018-1103
symbols:
- stiTar.ExtractTarStreamFromTarReader
- stiTar.extractLink
- New
links:
commit: https://github.com/openshift/source-to-image/commit/f5cbcbc5cc6f8cc2f479a7302443bea407a700cb
context:
- https://snyk.io/research/zip-slip-vulnerability