Vulnerability Description
All versions of archiver allow attacker to perform a Zip Slip attack via the "unarchive" functions. It is exploited using a specially crafted zip archive, that holds path traversal filenames. When exploited, a filename in a malicious archive is concatenated to the target extraction directory, which results in the final path ending up outside of the target folder. For instance, a zip may hold a file with a "../../file.exe" location and thus break out of the target folder. If an executable or a configuration file is overwritten with a file containing malicious code, the problem can turn into an arbitrary code execution issue quite easily.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Archiver Project | Archiver | >= 3.0.0, < 3.3.2 |
Related Weaknesses (CWE)
References
- https://github.com/mholt/archiver/pull/169Issue Tracking
- https://snyk.io/research/zip-slip-vulnerabilityThird Party Advisory
- https://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMMHOLTARCHIVERCMDARC-174728%2CBroken Link
- https://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMMHOLTARCHIVERCMDARC-174728ExploitThird Party Advisory
- https://github.com/mholt/archiver/pull/169Issue Tracking
- https://snyk.io/research/zip-slip-vulnerabilityThird Party Advisory
- https://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMMHOLTARCHIVERCMDARC-174728%2CBroken Link
FAQ
What is CVE-2019-10743?
CVE-2019-10743 is a vulnerability with a CVSS score of 5.5 (MEDIUM). All versions of archiver allow attacker to perform a Zip Slip attack via the "unarchive" functions. It is exploited using a specially crafted zip archive, that holds path traversal filenames. When exp...
How severe is CVE-2019-10743?
CVE-2019-10743 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-10743?
Check the references section above for vendor advisories and patch information. Affected products include: Archiver Project Archiver.