github.com/openshift/source-to-image is vulnerable to Arbitrary File Write. The vulnerability exists due to improper input validation in tar.go, which allows an attacker to overwrite files outside of the working directory via Zip Slip.
| CPE | Name | Operator | Version |
|---|---|---|---|
| | github.com/openshift/source-to-image | le | v1.1.9 |
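A defensive extraction loop for the Zip Slip class described above, as an added Go example; it is not the project's tar.go or its fix. `ExtractTar` and the `out` directory are names assumed here.

```go
package main

import (
	"archive/tar"
	"fmt"
	"io"
	"os"
	"path/filepath"
	"strings"
)

// ExtractTar writes regular files from r under dest, rejecting entries that resolve outside it.
func ExtractTar(r io.Reader, dest string) error {
	tr := tar.NewReader(r)
	for {
		hdr, err := tr.Next()
		if err == io.EOF {
			return nil
		}
		if err != nil {
			return err
		}
		// Resolve the entry name, then confirm the result is still under dest.
		target := filepath.Join(dest, hdr.Name) // Join cleans "." and ".." segments
		rel, err := filepath.Rel(dest, target)
		if err != nil || rel == ".." || strings.HasPrefix(rel, ".."+string(os.PathSeparator)) {
			return fmt.Errorf("tar entry %q escapes %q", hdr.Name, dest)
		}
		if hdr.Typeflag != tar.TypeReg {
			continue // links are never created, so the archive cannot redirect a later write
		}
		data, err := io.ReadAll(tr) // whole entry in memory: acceptable for a demo only
		if err == nil {
			err = os.MkdirAll(filepath.Dir(target), 0o755)
		}
		if err == nil {
			err = os.WriteFile(target, data, 0o644)
		}
		if err != nil {
			return err
		}
	}
}

func main() { // usage: prog < archive.tar (extracts into ./out, an assumed directory name)
	if err := ExtractTar(os.Stdin, "out"); err != nil {
		fmt.Fprintln(os.Stderr, err)
		os.Exit(1)
	}
}
```

The check is lexical, so it assumes dest does not already contain symlinks pointing elsewhere.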