CVE-2018-1002200 — Improper Limitation of a Pathname to a Restricted Directory in plexus-archiver

Description

plexus-archiver before 3.6.0 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in an archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'.

How to fix CVE-2018-1002200

To remediate CVE-2018-1002200, upgrade the affected package to a fixed version below.

—upgrade to 3.6.0-1 or later
—upgrade to 1.2-1+deb8u1 or later
—upgrade to 3.6.0 or later

Is CVE-2018-1002200 being exploited?

Moderate — EPSS is 5.5%. Track this CVE but it's not at the top of the prioritisation list.

Affected packages (3)

from 0, < 3.6.0-1
from 0, < 1.2-1+deb8u1
from 0, < 3.6.0

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	MEDIUM5.5	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

References (11)

ADVISORYnvd.nist.gov/vuln/detail/CVE-2018-1002200
ADVISORYsecurity-tracker.debian.org/tracker/CVE-2018-1002200
PATCHgithub.com/codehaus-plexus/plexus-archiver
WEBaccess.redhat.com/errata/RHSA-2018:1836
WEB