Description
The rubyzip gem, version 1.2.1 and earlier, contains a Directory Traversal vulnerability in the Zip::File component that can result in arbitrary file writes to the filesystem. If a site allows uploading of .zip files, an attacker can upload a malicious archive whose entries are symlinks, or whose names are absolute paths or contain "../" sequences, so that extracting the archive writes arbitrary files to the filesystem.
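The description above explains the attack but not the check that defeats it. The following is an added example (not code from the advisory or from the rubyzip project): a path validator that rejects the three entry shapes the advisory names (absolute names, "../" traversal and symlinks) and an extraction loop that applies it. The helper names `safe_target_path` and `safe_extract`, the destination directory and the constructed entry names are this example's own assumptions. The check uses `File.absolute_path` rather than `File.expand_path` on purpose: `expand_path` turns a leading `~` into the user's home directory, which would let an entry named `~/.ssh/authorized_keys` escape the destination.

```ruby
# Added example, not part of the advisory or the rubyzip project.
require 'fileutils'

# Resolve an archive entry name against the destination directory and return
# the absolute target path, or nil if the entry would land outside `dest`.
# Rejects absolute names ("/etc/passwd"), parent traversal ("../x") and
# traversal hidden mid-path ("a/../../x"). A trailing separator is appended
# to the root before the prefix test so that "../out2/x" cannot pass just
# because "/srv/uploads/out2" happens to start with "/srv/uploads/out".
def safe_target_path(dest, entry_name)
  root = File.absolute_path(dest)
  # File.absolute_path normalises "." and ".." lexically and keeps a leading
  # "~" as a literal character (File.expand_path would expand it to $HOME).
  target = File.absolute_path(entry_name, root)
  return nil unless target == root || target.start_with?(root + File::SEPARATOR)
  target
end

# Extract `zip_path` into `dest` with rubyzip, skipping every entry that
# fails the path check or is a symlink. Returns the list of rejected names.
# Requires the rubyzip gem ("gem install rubyzip"); the file is written by
# this function, not by Zip::Entry#extract, so the destination is always
# the path that was validated. Assumes `dest` itself contains no symlinks
# left over from an earlier, unsafe extraction.
def safe_extract(zip_path, dest, rejected = [])
  require 'zip'
  FileUtils.mkdir_p(dest)
  Zip::File.open(zip_path) do |zip|
    zip.each do |entry|
      target = safe_target_path(dest, entry.name)
      if target.nil? || entry.symlink?
        rejected << entry.name
        next
      end
      if entry.directory?
        FileUtils.mkdir_p(target)
      else
        FileUtils.mkdir_p(File.dirname(target))
        entry.get_input_stream { |io| File.binwrite(target, io.read) }
      end
    end
  end
  rejected
end

# Constructed entry names, as an attacker-controlled archive might carry them.
SAMPLE_ENTRIES = [
  'docs/readme.txt',            # ordinary entry, allowed
  'a/../b.txt',                 # normalises to b.txt, allowed
  '../../etc/passwd',           # parent traversal, rejected
  '/etc/passwd',                # absolute name, rejected
  '../out2/x',                  # sibling-directory prefix trick, rejected
  '~/.ssh/authorized_keys'      # stays literal under the root, allowed
].freeze

if __FILE__ == $PROGRAM_NAME
  SAMPLE_ENTRIES.each do |name|
    target = safe_target_path('/srv/uploads/out', name)
    puts format('%-26s -> %s', name, target || 'REJECTED')
  end
end
```

`safe_target_path` only needs the standard library, so it can be dropped into any upload handler; `safe_extract` is the rubyzip-specific loop around it. Symlink entries are rejected outright rather than resolved, because a link that points outside the destination turns every later write through that path into an arbitrary file write even when each name passes the check.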
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 | Impact: 5.9
Attack Vector: Network
Complexity: Low
Privileges: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Affected Packages (4 packages)
Also affects: Debian Linux 8.0, 9.0
🔴Vulnerability Details (4)
- OSV: Rubyzip gem contains a Directory Traversal vulnerability in zip file component (2018-09-06)
- GHSA: Rubyzip gem contains a Directory Traversal vulnerability in zip file component (2018-09-06)
- OSV: CVE-2018-1000544: rubyzip gem rubyzip version 1 (2018-06-26)
- CVEList: CVE-2018-1000544: rubyzip gem rubyzip version 1 (2018-06-26)
📋Vendor Advisories (2)
- Red Hat: rubyzip: arbitrary file write vulnerability / arbitrary code execution using a specially crafted zip file (2018-06-05)
- Debian: CVE-2018-1000544: ruby-zip - rubyzip gem rubyzip version 1.2.1 and earlier contains a Directory Traversal vul... (2018)
💬Community (2)
- Bugzilla: CVE-2018-1000544 rubyzip: arbitrary file write vulnerability / arbitrary code execution using a specially crafted zip file (2018-06-19)
- Bugzilla: CVE-2018-1000544 rubygem-rubyzip: various flaws [fedora-all] (2018-06-19)