Vulnerability: Directory Traversal Attack in Chef Software's mixlib-archive

Vulnerability: Directory Traversal Attack in Chef Software's mixlib-archive

CVE-2017-1000026 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Chef Software's mixlib-archive versions 0.3.0 and older are vulnerable to a directory traversal attack allowing attackers to overwrite arbitrary files by using ".." in tar archive entries

Learn more about our Web Application Penetration Testing UK.