CVE-2022-36943

SSZipArchive versions 2.5.3 and older contain an arbitrary file write vulnerability due to lack of sanitization on paths which are symlinks. SSZipArchive will overwrite files on the filesystem when opening a malicious ZIP containing a symlink as the first item.

CVSS v3 8.1 HIGH

8.1^/10

CVSS v3 : HIGH

Vector :

Exploitability : 2.8 / Impact : 5.2

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-vgvw-6xcf-qqfc	Exploit Third Party Advisory
https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-vgvw-6xcf-qqfc	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:ssziparchive_project:ssziparchive:*:*:*:*:*:*:*:*

History

21 Nov 2024, 07:14

Type	Values Removed	Values Added
References	~~() https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-vgvw-6xcf-qqfc - Exploit, Third Party Advisory~~	() https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-vgvw-6xcf-qqfc - Exploit, Third Party Advisory
Summary		(es) Las versiones 2.5.3 y anteriores de SSZipArchive contienen una vulnerabilidad de escritura de archivos arbitraria debido a la falta de sanitización en rutas que son enlaces simbólicos. SSZipArchive sobrescribirá archivos en el sistema de archivos al abrir un ZIP malicioso que contenga un enlace simbólico como primer elemento.

Information

Published : 2023-01-03 21:15

Updated : 2025-04-10 16:15

NVD link : CVE-2022-36943

Mitre link : CVE-2022-36943

CVE.ORG link : CVE-2022-36943

JSON object : View

Products Affected

ssziparchive_project

ssziparchive

CWE

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CWE-59

Improper Link Resolution Before File Access ('Link Following')

{"id": "CVE-2022-36943", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 5.2, "exploitabilityScore": 2.8}, {"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 5.2, "exploitabilityScore": 2.8}]}, "published": "2023-01-03T21:15:12.757", "references": [{"url": "https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-vgvw-6xcf-qqfc", "tags": ["Exploit", "Third Party Advisory"], "source": "cve-assign@fb.com"}, {"url": "https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-vgvw-6xcf-qqfc", "tags": ["Exploit", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "cve-assign@fb.com", "description": [{"lang": "en", "value": "CWE-22"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-59"}]}], "descriptions": [{"lang": "en", "value": "SSZipArchive versions 2.5.3 and older contain an arbitrary file write vulnerability due to lack of sanitization on paths which are symlinks. SSZipArchive will overwrite files on the filesystem when opening a malicious ZIP containing a symlink as the first item."}, {"lang": "es", "value": "Las versiones 2.5.3 y anteriores de SSZipArchive contienen una vulnerabilidad de escritura de archivos arbitraria debido a la falta de sanitizaci\u00f3n en rutas que son enlaces simb\u00f3licos. SSZipArchive sobrescribir\u00e1 archivos en el sistema de archivos al abrir un ZIP malicioso que contenga un enlace simb\u00f3lico como primer elemento."}], "lastModified": "2025-04-10T16:15:19.720", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ssziparchive_project:ssziparchive:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "69A88AB8-DD09-4B8D-B742-DABA7262DD80", "versionEndIncluding": "2.5.3"}], "operator": "OR"}]}], "sourceIdentifier": "cve-assign@fb.com"}