CVE-2018-1000544

rubyzip gem rubyzip version 1.2.1 and earlier contains a Directory Traversal vulnerability in Zip::File component that can result in write arbitrary files to the filesystem. This attack appear to be exploitable via If a site allows uploading of .zip files , an attacker can upload a malicious file that contains symlinks or files with absolute pathnames "../" to write arbitrary files to the filesystem..

Published : 2018-06-26 16:29 Updated : 2019-03-13 13:33

7.5
CVSS Score More info
Score 7.5 / 10
7.5
Vendor Product Version URI
Rubyzip Project Rubyzip 1.2.1 cpe:/a:rubyzip_project:rubyzip:1.2.1
Debian Debian Linux 8.0 cpe:/o:debian:debian_linux:8.0
Redhat Cloudforms 4.6 cpe:/a:redhat:cloudforms:4.6
  1. Redhat (1) Search CVE
    1. Cloudforms (1) Search CVE
      1. 4.6
  2. Debian (1) Search CVE
    1. Debian Linux (1) Search CVE
      1. 8.0
  3. Rubyzip Project (1) Search CVE
    1. Rubyzip (1) Search CVE
      1. 1.2.1

CWE

ID Name Description Links
CWE-434 Unrestricted Upload of File with Dangerous Type The software allows the attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment. CVE
CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') The software uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the software does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory. CVE

History of changes

Date Event
2019-03-13 13:33
2018-11-06 11:29
2018-08-20 12:37
2018-08-16 10:29
2018-06-26 16:29

New CVE