CVEs-PoC/2020/CVE-2020-7667.md

### [CVE-2020-7667](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7667)
![](https://img.shields.io/static/v1?label=Product&message=github.com%2Fsassoftware%2Fgo-rpmutils%2Fcpio&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=%3C%200.1.0%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Arbitrary%20File%20Write%20via%20Archive%20Extraction%20(Zip%20Slip)&color=brighgreen)

### Description

In package github.com/sassoftware/go-rpmutils/cpio before version 0.1.0, the CPIO extraction functionality doesn't sanitize the paths of the archived files for leading and non-leading ".." which leads in file extraction outside of the current directory. Note: the fixing commit was applied to all affected versions which were re-released.

### POC

#### Reference
- https://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMSASSOFTWAREGORPMUTILSCPIO-570427

#### Github
- https://github.com/k1LoW/oshka