package = "github.com/sassoftware/go-rpmutils/cpio" | |
description = """ | |
Malicious RPM archives can be crafted that contain relative | |
file paths, such that arbitary files outside of the target directory | |
may be overwritten. | |
""" | |
cve = "CVE-2020-7667" | |
symbols = ["Extract"] | |
[[versions]] | |
fixed = "v0.1.0" | |
[links] | |
commit = "https://github.com/sassoftware/go-rpmutils/commit/a64058cf21b8aada501bba923c9aab66fb6febf0" | |
context = ["https://snyk.io/research/zip-slip-vulnerability"] |