Vulnerability Description
rubyzip gem rubyzip version 1.2.1 and earlier contains a Directory Traversal vulnerability in Zip::File component that can result in write arbitrary files to the filesystem. This attack appear to be exploitable via If a site allows uploading of .zip files , an attacker can upload a malicious file that contains symlinks or files with absolute pathnames "../" to write arbitrary files to the filesystem..
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Rubyzip Project | Rubyzip | <= 1.2.1 |
| Debian | Debian Linux | 8.0 |
| Redhat | Cloudforms | 4.6 |
Related Weaknesses (CWE)
References
- https://access.redhat.com/errata/RHSA-2018:3466Third Party Advisory
- https://github.com/rubyzip/rubyzip/issues/369ExploitThird Party Advisory
- https://lists.debian.org/debian-lts-announce/2018/08/msg00013.htmlMailing ListThird Party Advisory
- https://lists.debian.org/debian-lts-announce/2020/08/msg00002.htmlMailing ListThird Party Advisory
- https://access.redhat.com/errata/RHSA-2018:3466Third Party Advisory
- https://github.com/rubyzip/rubyzip/issues/369ExploitThird Party Advisory
- https://lists.debian.org/debian-lts-announce/2018/08/msg00013.htmlMailing ListThird Party Advisory
- https://lists.debian.org/debian-lts-announce/2020/08/msg00002.htmlMailing ListThird Party Advisory
FAQ
What is CVE-2018-1000544?
CVE-2018-1000544 is a vulnerability with a CVSS score of 9.8 (CRITICAL). rubyzip gem rubyzip version 1.2.1 and earlier contains a Directory Traversal vulnerability in Zip::File component that can result in write arbitrary files to the filesystem. This attack appear to be e...
How severe is CVE-2018-1000544?
CVE-2018-1000544 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2018-1000544?
Check the references section above for vendor advisories and patch information. Affected products include: Rubyzip Project Rubyzip, Debian Debian Linux, Redhat Cloudforms.