CVE-2022-25842: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
(updated )
All versions of package com.alibaba.oneagent:one-java-agent-plugin is vulnerable to Arbitrary File Write via Archive Extraction (Zip Slip) using a specially crafted archive that holds directory traversal filenames (e.g. ../../evil.exe). The attacker can overwrite executable files and either invoke them remotely or wait for the system or user to call them, thus achieving remote command execution on the victim’s machine.
References
- github.com/advisories/GHSA-9hr3-j9mc-xmq2
- github.com/alibaba/one-java-agent/blob/1f399a2299a8a409d15ea6111a7098629b8f1050/one-java-agent-plugin/src/main/java/com/alibaba/oneagent/utils/IOUtils.java
- github.com/alibaba/one-java-agent/pull/29
- github.com/alibaba/one-java-agent/pull/29/commits/359603b63fc6c59d8b57e061c171954bab3433bf
- github.com/alibaba/one-java-agent/pull/29/commits/b5b437f9f4c8cbfe7bdbe266e975a4bd513c13fe
- nvd.nist.gov/vuln/detail/CVE-2022-25842
- snyk.io/vuln/SNYK-JAVA-COMALIBABAONEAGENT-2407874
Code Behaviors & Features
Detect and mitigate CVE-2022-25842 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →