{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2018-25046", "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "state": "PUBLISHED", "assignerShortName": "Go", "dateReserved": "2022-07-29T16:42:57.960Z", "datePublished": "2022-12-27T21:13:15.767Z", "dateUpdated": "2025-04-11T22:53:21.678Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "shortName": "Go", "dateUpdated": "2023-06-12T19:03:33.222Z"}, "title": "Path traversal in code.cloudfoundry.org/archiver", "descriptions": [{"lang": "en", "value": "Due to improper path sanitization, archives containing relative file paths can cause files to be written (or overwritten) outside of the target directory."}], "affected": [{"vendor": "code.cloudfoundry.org/archiver", "product": "code.cloudfoundry.org/archiver/extractor", "collectionURL": "https://pkg.go.dev", "packageName": "code.cloudfoundry.org/archiver/extractor", "versions": [{"version": "0", "lessThan": "0.0.0-20180523222229-09b5706aa936", "status": "affected", "versionType": "semver"}], "programRoutines": [{"name": "extractTarArchiveFile"}, {"name": "extractZipArchiveFile"}, {"name": "detectableExtractor.Extract"}, {"name": "tarExtractor.Extract"}, {"name": "tgzExtractor.Extract"}, {"name": "zipExtractor.Extract"}], "defaultStatus": "unaffected"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE 29: Path Traversal: \"\\..\\filename\""}]}], "references": [{"url": "https://github.com/cloudfoundry/archiver/commit/09b5706aa9367972c09144a450bb4523049ee840"}, {"url": "https://snyk.io/research/zip-slip-vulnerability"}, {"url": "https://pkg.go.dev/vuln/GO-2020-0025"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T12:26:39.631Z"}, "title": "CVE Program Container", "references": [{"url": "https://github.com/cloudfoundry/archiver/commit/09b5706aa9367972c09144a450bb4523049ee840", "tags": ["x_transferred"]}, {"url": "https://snyk.io/research/zip-slip-vulnerability", "tags": ["x_transferred"]}, {"url": "https://pkg.go.dev/vuln/GO-2020-0025", "tags": ["x_transferred"]}]}, {"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.1, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2025-04-11T22:52:44.875606Z", "id": "CVE-2018-25046", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-11T22:53:21.678Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://github.com/cloudfoundry/archiver/commit/09b5706aa9367972c09144a450bb4523049ee840", "tags": ["x_transferred"]}, {"url": "https://snyk.io/research/zip-slip-vulnerability", "tags": ["x_transferred"]}, {"url": "https://pkg.go.dev/vuln/GO-2020-0025", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T12:26:39.631Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.1, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2018-25046", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-04-11T22:52:44.875606Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-11T22:53:09.739Z"}}], "cna": {"title": "Path traversal in code.cloudfoundry.org/archiver", "affected": [{"vendor": "code.cloudfoundry.org/archiver", "product": "code.cloudfoundry.org/archiver/extractor", "versions": [{"status": "affected", "version": "0", "lessThan": "0.0.0-20180523222229-09b5706aa936", "versionType": "semver"}], "packageName": "code.cloudfoundry.org/archiver/extractor", "collectionURL": "https://pkg.go.dev", "defaultStatus": "unaffected", "programRoutines": [{"name": "extractTarArchiveFile"}, {"name": "extractZipArchiveFile"}, {"name": "detectableExtractor.Extract"}, {"name": "tarExtractor.Extract"}, {"name": "tgzExtractor.Extract"}, {"name": "zipExtractor.Extract"}]}], "references": [{"url": "https://github.com/cloudfoundry/archiver/commit/09b5706aa9367972c09144a450bb4523049ee840"}, {"url": "https://snyk.io/research/zip-slip-vulnerability"}, {"url": "https://pkg.go.dev/vuln/GO-2020-0025"}], "descriptions": [{"lang": "en", "value": "Due to improper path sanitization, archives containing relative file paths can cause files to be written (or overwritten) outside of the target directory."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE 29: Path Traversal: \"\\..\\filename\""}]}], "providerMetadata": {"orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "shortName": "Go", "dateUpdated": "2023-06-12T19:03:33.222Z"}}}, "cveMetadata": {"cveId": "CVE-2018-25046", "state": "PUBLISHED", "dateUpdated": "2025-04-11T22:53:21.678Z", "dateReserved": "2022-07-29T16:42:57.960Z", "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "datePublished": "2022-12-27T21:13:15.767Z", "assignerShortName": "Go"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cloudfoundry:archiver:*:*:*:*:*:*:*:*", "matchCriteriaId": "4B280BBD-EF9C-4D23-A4D5-33DEC02E38EC", "versionEndExcluding": "2018-05-23", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Due to improper path sanitization, archives containing relative file paths can cause files to be written (or overwritten) outside of the target directory."}, {"lang": "es", "value": "Debido a una sanitizaci\u00f3n inadecuada de la ruta, los archivos que contienen rutas de archivo relativas pueden hacer que los archivos se escriban (o sobrescriban) fuera del directorio de destino."}], "id": "CVE-2018-25046", "lastModified": "2025-04-11T23:15:25.923", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.2, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2022-12-27T22:15:11.140", "references": [{"source": "security@golang.org", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/cloudfoundry/archiver/commit/09b5706aa9367972c09144a450bb4523049ee840"}, {"source": "security@golang.org", "tags": ["Third Party Advisory"], "url": "https://pkg.go.dev/vuln/GO-2020-0025"}, {"source": "security@golang.org", "tags": ["Technical Description", "Third Party Advisory"], "url": "https://snyk.io/research/zip-slip-vulnerability"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/cloudfoundry/archiver/commit/09b5706aa9367972c09144a450bb4523049ee840"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://pkg.go.dev/vuln/GO-2020-0025"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Technical Description", "Third Party Advisory"], "url": "https://snyk.io/research/zip-slip-vulnerability"}], "sourceIdentifier": "security@golang.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "cloudfoundry/archiver: improper path sanitization can result in files being extracted outside of the target directory", "id": "2157840", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2157840"}, "csaw": false, "cvss3": {"cvss3_base_score": "9.1", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "status": "draft"}, "cwe": "CWE-22", "details": ["Due to improper path sanitization, archives containing relative file paths can cause files to be written (or overwritten) outside of the target directory.", "A flaw was found in the cloudfoundry/archiver package. In affected versions of this package, archives containing relative file paths can cause files to be written (or overwritten) outside of the target directory due to improper path sanitization."], "name": "CVE-2018-25046", "package_state": [{"cpe": "cpe:/a:redhat:quay:3", "fix_state": "Affected", "package_name": "quay/quay-builder-rhel8", "product_name": "Red Hat Quay 3"}], "public_date": "2022-12-27T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2018-25046\nhttps://nvd.nist.gov/vuln/detail/CVE-2018-25046\nhttps://github.com/cloudfoundry/archiver/commit/09b5706aa9367972c09144a450bb4523049ee840\nhttps://pkg.go.dev/vuln/GO-2020-0025\nhttps://snyk.io/research/zip-slip-vulnerability"], "threat_severity": "Important"}