Zip-slip Vulnerability in Apache Karaf Deployers
CVE-2019-0191
6.5 MEDIUM
Summary
Apache Karaf deployers are vulnerable to a zip-slip (path traversal) flaw when processing .kar archives. The deployer writes the 'repository/' and 'resources/' entries of the archive to disk without validating the resulting paths against the intended destination directory. An attacker who can supply a crafted .kar file containing '..' directory traversal sequences in entry names can therefore write arbitrary content outside the intended directories. This creates a risk of unauthorized data access or potential system compromise. Versions of Apache Karaf prior to 4.2.3 are affected, with the impact amplified if the Karaf process runs as a user with elevated permissions.
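The check a deployer should perform before writing an archive entry, as an added example that is not Karaf's own code: each 'repository/' or 'resources/' entry name is resolved against the destination directory and rejected if it would land outside it. The destination path /opt/karaf, the constructed in-memory .kar sample and the helper names are assumptions for illustration.

```python
"""Flag zip-slip entries in a .kar archive before deploying it (added example)."""
import io
import os
import zipfile

# Entry prefixes the Karaf deployer writes to disk, per the advisory.
EXTRACTED_PREFIXES = ("repository/", "resources/")


def is_safe_entry(name: str, dest_dir: str) -> bool:
    """True if zip entry `name` resolves to a path inside `dest_dir`."""
    # Absolute names, backslashes and NUL bytes are never legitimate here.
    if name.startswith("/") or "\\" in name or "\0" in name:
        return False
    # Resolve the entry the way the filesystem would, then compare prefixes.
    base = os.path.realpath(dest_dir)
    target = os.path.realpath(os.path.join(base, *name.split("/")))
    return target == base or target.startswith(base + os.sep)


def find_traversal_entries(kar_bytes: bytes, dest_dir: str = "/opt/karaf") -> list:
    """Return the names of extracted entries that would escape `dest_dir`.

    Only entries the deployer actually writes (repository/, resources/) are
    examined, matching the advisory; a stricter scanner could check them all.
    """
    bad = []
    with zipfile.ZipFile(io.BytesIO(kar_bytes)) as zf:
        for name in zf.namelist():
            if name.startswith(EXTRACTED_PREFIXES) and not is_safe_entry(name, dest_dir):
                bad.append(name)
    return bad


def build_sample_kar(entries: dict) -> bytes:
    """Build a constructed in-memory .kar (a plain zip) from {name: content}."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, content in entries.items():
            zf.writestr(name, content)
    return buf.getvalue()


if __name__ == "__main__":
    # Constructed sample: one benign entry and one carrying a '..' sequence.
    sample = build_sample_kar({
        "repository/org/example/feature.xml": "<features/>",
        "repository/../../etc/evil.cfg": "constructed test content",
    })
    print(find_traversal_entries(sample))  # ['repository/../../etc/evil.cfg']
```

A deployer that applies `is_safe_entry` before every write refuses the crafted entry while still accepting normal feature repositories and resource files.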
Affected Version(s)
Apache Karaf, versions prior to 4.2.3
CVSS v3.1
Score: 6.5
Severity: MEDIUM
Confidentiality: None
Integrity: High
Availability: None
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Timeline
Vulnerability published
Vulnerability Reserved