Path Traversal Vulnerability in Tar File Extraction
Description
The application may be vulnerable to path traversal if it extracts untrusted archive files. This vulnerability is colloquially known as 'Zip Slip'. Archive entries may carry paths which, when extracted, resolve outside of the intended directory, so the extraction writes files where the application did not intend.
Examples
Insecure Code

```python
import tarfile
tar = tarfile.open('some.tar'); tar.extractall()  # extracts every member into the current directory, trusting whatever path each member carries
```

Secure Code

```python
import tarfile
tar = tarfile.open('some.tar'); tar.extractall('/opt/app/restricted/', filter='data')  # 'data' filter rejects members that would land outside the destination (Python 3.12+, backported to maintained 3.8 to 3.11 releases)
```

Remediation
Validate each archive entry's path before writing it, generate unique filenames, and extract files into a restricted directory with secure attributes.
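The following is an added example of the path validation step, not code from the rule's author: it resolves each member against the destination directory with `os.path.realpath`, rejects absolute paths, links, and any member whose resolved path leaves the destination, and only then extracts. The `safe_extract`, `build_tar` and `demo` names, and the in-memory archives (one benign, one carrying a `../escape.txt` entry) are constructed for this illustration.

```python
from __future__ import annotations

import io
import os
import tarfile
import tempfile


def safe_extract(tar: tarfile.TarFile, dest: str) -> list[str]:
    """Extract only members whose resolved path stays inside dest.

    Returns the names extracted. Raises ValueError on the first member that
    is absolute, is a link, or resolves outside dest. Links are refused
    because a symlink extracted first can redirect a later write outside
    the destination even when that later member's own path looks safe.
    """
    dest_real = os.path.realpath(dest)
    os.makedirs(dest_real, exist_ok=True)
    # Use the stdlib 'data' filter where available (3.12+, and backports);
    # the commonpath check below is what this example demonstrates.
    extract_kwargs = {"filter": "data"} if hasattr(tarfile, "data_filter") else {}
    extracted: list[str] = []
    for member in tar.getmembers():
        if os.path.isabs(member.name) or member.issym() or member.islnk():
            raise ValueError(f"rejected member {member.name!r}")
        target = os.path.realpath(os.path.join(dest_real, member.name))
        # commonpath is the robust containment test: a plain startswith()
        # would wrongly accept '/opt/app/restricted_evil' under '/opt/app/restricted'.
        if os.path.commonpath([dest_real, target]) != dest_real:
            raise ValueError(f"path traversal attempt: {member.name!r}")
        tar.extract(member, dest_real, **extract_kwargs)
        extracted.append(member.name)
    return extracted


def build_tar(entries: dict[str, bytes]) -> tarfile.TarFile:
    """Build an in-memory tar from {member_name: content} (constructed test data)."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as writer:
        for name, data in entries.items():
            info = tarfile.TarInfo(name)
            info.size = len(data)
            writer.addfile(info, io.BytesIO(data))
    buf.seek(0)
    return tarfile.open(fileobj=buf, mode="r")


def demo() -> dict:
    """Run safe_extract on a benign archive and on one with a traversal entry."""
    with tempfile.TemporaryDirectory() as root:
        dest = os.path.join(root, "restricted")
        good_names = safe_extract(build_tar({"docs/readme.txt": b"hello"}), dest)
        try:
            # Constructed hostile archive: the second member tries to climb out of dest.
            safe_extract(build_tar({"docs/ok.txt": b"fine", "../escape.txt": b"owned"}), dest)
            error = None
        except ValueError as exc:
            error = str(exc)
        return {
            "good_names": good_names,
            "error": error,
            "escaped_file_exists": os.path.exists(os.path.join(root, "escape.txt")),
        }


if __name__ == "__main__":
    print(demo())
```

Members are checked one at a time, so a benign member ahead of the hostile one is still written before the archive is rejected; an application that wants all-or-nothing behaviour should validate every member first and extract into a fresh temporary directory that is discarded on any error.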
Rule Details
| Field | Value |
|---|---|
| ID | CODE-0154 |
| Category | Injection |
| Severity | MEDIUM |
| CWE | CWE-22 |
| Confidence | HIGH |
| Impact | HIGH |
| Likelihood | MEDIUM |
| Exploitability | EASY |
| Tags | Path Traversal, Zip Slip |
| OWASP | A5:2017-Broken Access Control, A01:2021-Broken Access Control |