Uploaded image for project: 'Commons Compress'
  1. Commons Compress
  2. COMPRESS-495

Zip Slip in SevenZ CLI

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 1.20
    • Component/s: Archivers
    • Labels:

      Description

      The SevenZ decompressor doesn't check that the file to be extracted is escaping the current directory or not.

      Vulnerable code: https://github.com/apache/commons-compress/blob/26b78cecfc1ca0e5daf03109b2c441f960bde678/src/main/java/org/apache/commons/compress/archivers/sevenz/CLI.java#L67

      In another place in the repository, there is a safe implementation that was added as an example when the Zip Slip vulnerability was originally published: https://github.com/apache/commons-compress/blob/1a14a23a05f7104e3d41a25a0f7e78ae1556285e/src/main/java/org/apache/commons/compress/archivers/examples/Expander.java#L308

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              molnarg Gabor Molnar
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: