Bug 1584392 (CVE-2018-1002200)
Summary: | CVE-2018-1002200 plexus-archiver: arbitrary file write vulnerability / arbitrary code execution using a specially crafted zip file | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Laura Pardo <lpardo> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED ERRATA | QA Contact: | |
Severity: | high | Docs Contact: | |
Priority: | high | ||
Version: | unspecified | CC: | apevec, chazlett, chrisw, dbhole, hhorak, jaromir.capik, java-maint, java-sig-commits, jjoyce, jorton, jschluet, kbasil, lhh, lpeer, markmc, mburns, mizdebsk, mkolesni, rbryant, sclewis, security-response-team, slinaber, tdecacqu |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | plexus-archiver 3.6.0 | Doc Type: | If docs needed, set a value |
Doc Text: |
A path traversal vulnerability has been discovered in plexus-archiver when extracting a carefully crafted zip file which holds path traversal file names. A remote attacker could use this vulnerability to write files outside the target directory and overwrite existing files with malicious code or vulnerable configurations.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2019-06-10 10:27:01 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1585546, 1585631, 1585632, 1585633, 1585634, 1585635, 1585636, 1587816, 1587817, 1587818 | ||
Bug Blocks: | 1584393 |
Description
Laura Pardo
2018-05-30 19:27:01 UTC
The above fix was included in upstream version 3.6.0. Acknowledgments: Name: Danny Grander (Snyk) External References: https://snyk.io/research/zip-slip-vulnerability Created plexus-archiver tracking bugs for this issue: Affects: fedora-27 [bug 1587818] Affects: fedora-28 [bug 1587817] This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2018:1836 https://access.redhat.com/errata/RHSA-2018:1836 This issue has been addressed in the following products: Red Hat Software Collections for Red Hat Enterprise Linux 6 Red Hat Software Collections for Red Hat Enterprise Linux 6.7 EUS Red Hat Software Collections for Red Hat Enterprise Linux 7 Red Hat Software Collections for Red Hat Enterprise Linux 7.3 EUS Red Hat Software Collections for Red Hat Enterprise Linux 7.4 EUS Red Hat Software Collections for Red Hat Enterprise Linux 7.5 EUS Via RHSA-2018:1837 https://access.redhat.com/errata/RHSA-2018:1837 Marking Fuse 7 not affected, used at build time but crucially the vulnerable methods to zipslip are not used |