GSD-2020-29529
Vulnerability from gsd - Updated: 2023-12-13 01:22Details
HashiCorp go-slug up to 0.4.3 did not fully protect against directory traversal while unpacking tar archives, and protections could be bypassed with specific constructions of multiple symlinks. Fixed in 0.5.0.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2020-29529",
"description": "HashiCorp go-slug up to 0.4.3 did not fully protect against directory traversal while unpacking tar archives, and protections could be bypassed with specific constructions of multiple symlinks. Fixed in 0.5.0.",
"id": "GSD-2020-29529",
"references": [
"https://access.redhat.com/errata/RHSA-2021:1168"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2020-29529"
],
"details": "HashiCorp go-slug up to 0.4.3 did not fully protect against directory traversal while unpacking tar archives, and protections could be bypassed with specific constructions of multiple symlinks. Fixed in 0.5.0.",
"id": "GSD-2020-29529",
"modified": "2023-12-13T01:22:11.939960Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-29529",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HashiCorp go-slug up to 0.4.3 did not fully protect against directory traversal while unpacking tar archives, and protections could be bypassed with specific constructions of multiple symlinks. Fixed in 0.5.0."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/hashicorp/go-slug/releases/tag/v0.5.0",
"refsource": "MISC",
"url": "https://github.com/hashicorp/go-slug/releases/tag/v0.5.0"
},
{
"name": "https://github.com/hashicorp/go-slug/compare/v0.4.3...v0.5.0",
"refsource": "MISC",
"url": "https://github.com/hashicorp/go-slug/compare/v0.4.3...v0.5.0"
},
{
"name": "https://github.com/hashicorp/go-slug/pull/12",
"refsource": "MISC",
"url": "https://github.com/hashicorp/go-slug/pull/12"
},
{
"name": "https://securitylab.github.com/advisories/GHSL-2020-262-zipslip-go-slug",
"refsource": "MISC",
"url": "https://securitylab.github.com/advisories/GHSL-2020-262-zipslip-go-slug"
}
]
}
},
"gitlab.com": {
"advisories": [
{
"affected_range": "\u003cv0.5.0",
"affected_versions": "All versions before 0.5.0",
"cvss_v2": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"cwe_ids": [
"CWE-1035",
"CWE-22",
"CWE-59",
"CWE-937"
],
"date": "2021-03-08",
"description": "HashiCorp go-slug did not fully protect against Zip Slip attacks while unpacking tar archives, and protections could be bypassed with specific constructions of multiple symlinks.",
"fixed_versions": [
"v0.5.0"
],
"identifier": "CVE-2020-29529",
"identifiers": [
"CVE-2020-29529"
],
"not_impacted": "All versions starting from 0.5.0",
"package_slug": "go/github.com/hashicorp/go-slug",
"pubdate": "2020-12-03",
"solution": "Upgrade to version 0.5.0 or above.",
"title": "Improper Link Resolution Before File Access",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2020-29529"
],
"uuid": "0f161d7d-69f8-4554-a238-796a69a37be1",
"versions": [
{
"commit": {
"sha": "28cafc59c8da6126a3ae94dfa84181df4073454f",
"tags": [
"v0.5.0"
],
"timestamp": "20201203171341"
},
"number": "v0.5.0"
}
]
}
]
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:hashicorp:go-slug:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "0.5.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-29529"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "HashiCorp go-slug up to 0.4.3 did not fully protect against directory traversal while unpacking tar archives, and protections could be bypassed with specific constructions of multiple symlinks. Fixed in 0.5.0."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
},
{
"lang": "en",
"value": "CWE-59"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/hashicorp/go-slug/compare/v0.4.3...v0.5.0",
"refsource": "MISC",
"tags": [
"Patch",
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/hashicorp/go-slug/compare/v0.4.3...v0.5.0"
},
{
"name": "https://github.com/hashicorp/go-slug/releases/tag/v0.5.0",
"refsource": "MISC",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/hashicorp/go-slug/releases/tag/v0.5.0"
},
{
"name": "https://github.com/hashicorp/go-slug/pull/12",
"refsource": "MISC",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/hashicorp/go-slug/pull/12"
},
{
"name": "https://securitylab.github.com/advisories/GHSL-2020-262-zipslip-go-slug",
"refsource": "MISC",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://securitylab.github.com/advisories/GHSL-2020-262-zipslip-go-slug"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
},
"lastModifiedDate": "2021-03-08T13:22Z",
"publishedDate": "2020-12-03T20:15Z"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…