3 matches found
Portainer has a path traversal in backup archive extraction that allows arbitrary file write
Summary Portainer's backup restore feature accepts a .tar.gz archive and extracts it to a target directory on the server. The extraction function ExtractTarGz in api/archive/targz.go constructed output paths using filepath.Cleanfilepath.JoinoutputDirPath, header.Name. This combination does not...
Command Injection
Overview git-archive is a module to take a bare git repo, archive it, and export it as a tarball to a given path Affected versions of this package are vulnerable to Command Injection via the exports function. Remediation There is no fixed version for git-archive. Credit: JHU System Security Lab...
CVE-2017-9671
A heap overflow in apk Alpine Linux's package manager allows a remote attacker to cause a denial of service, or achieve code execution, by crafting a malicious APKINDEX.tar.gz file with a bad pax header block...