blob: 02e53f7f34894b165322c29c7233f6e9145155e5 [file] [log] [blame]
packages:
- module: github.com/openshift/source-to-image
package: github.com/openshift/source-to-image/pkg/tar
symbols:
- stiTar.ExtractTarStreamFromTarReader
- stiTar.extractLink
- New
derived_symbols:
- stiTar.ExtractTarStream
- stiTar.ExtractTarStreamWithLogging
versions:
- fixed: 1.1.10-0.20180427153919-f5cbcbc5cc6f
description: |
Due to improper path santization, archives containing relative file
paths can cause files to be written (or overwritten) outside of the
target directory.
published: 2021-04-14T20:04:52Z
cves:
- CVE-2018-1103
links:
commit: https://github.com/openshift/source-to-image/commit/f5cbcbc5cc6f8cc2f479a7302443bea407a700cb
context:
- https://snyk.io/research/zip-slip-vulnerability