First published: Sat Mar 29 2025
### Impact

The library used to extract archives (github.com/jaredallard/archives) was vulnerable to the "zip slip" vulnerability. stencil uses it to extract native extension archives and repository source archives. A native extension or repository archive could be crafted so that remote code execution, or modification or reading of a file, is possible as the user who is running stencil.

The severity is marked as "medium" because native extensions have always been considered "unsafe" to run when not trusted. Native extensions are arbitrary code being run, which could always perform this same exploit with fewer steps. The medium severity reflects that this could be done even when a user is _not_ using a native extension, for example through a repository source archive. However, one would need to mutate the archives provided by GitHub or perform some hackery with links, which may not be possible. Thus, "medium" is used out of an abundance of caution where I would've labeled this as "low".

### Patches

Patched in 2.3.0 and above.

### Workarounds

No workarounds are present.

### References

https://github.com/jaredallard/archives/security/advisories/GHSA-j95m-rcjp-q69h
Affected Software | Affected Version | How to fix
---|---|---
go/go.rgst.io/stencil/v2 | <2.3.0 | 2.3.0
The severity of GHSA-p799-q2pr-6mxj is classified as medium. A crafted archive could lead to remote code execution or to reading or overwriting files as the user running stencil, but native extensions are already treated as untrusted code that could do the same with fewer steps, and reaching the issue through a repository source archive would require tampering with the archive GitHub serves or abusing links.
To fix GHSA-p799-q2pr-6mxj, upgrade go.rgst.io/stencil/v2 to version 2.3.0 or later; no workaround is available for earlier versions.
The "zip slip" vulnerability arises when an extractor joins an archive entry's name onto the destination directory without checking where the result ends up, so an entry whose name contains `../` components (or is an absolute path) is written outside the intended target directory. Depending on what is overwritten or read, this gives unauthorized file access and, if a file that is later executed is replaced, code execution.
GHSA-p799-q2pr-6mxj affects the go.rgst.io/stencil/v2 package versions prior to 2.3.0.
If you are using an affected version, it is crucial to update to the fixed version as soon as possible to mitigate the risk.
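The check that closes this class of bug, shown here as an added Go example that is not code from stencil or from github.com/jaredallard/archives: `SafeJoin` resolves each entry name under the destination and rejects anything that climbs out of it, and `ExtractArchive` applies that check to every entry while refusing symlink entries, since a link that points outside the destination is the other route an archive can take to escape (the advisory's "hackery with links"). `BuildZip` only constructs sample archives in memory, one benign and one malicious; all function names, the sample entry names and their contents are chosen for this example and are not identifiers from either project. Note that Go 1.20 and later can report non-local entry names from `zip.NewReader` as `zip.ErrInsecurePath`, but only when `GODEBUG=zipinsecurepath=0` is set, so the extractor enforces its own check rather than relying on that.

```go
package main

import (
	"archive/zip"
	"bytes"
	"errors"
	"fmt"
	"io"
	"os"
	"path/filepath"
	"strings"
)

// ErrZipSlip is returned when an archive entry would resolve outside dest.
var ErrZipSlip = errors.New("zip slip: entry escapes destination directory")

// SafeJoin is the check a naive filepath.Join(dest, name) lacks: it rejects any
// entry name that, once cleaned, lands outside dest ("../x", "a/../../b", `..\..\x`, "/etc/passwd").
func SafeJoin(dest, name string) (string, error) {
	name = strings.ReplaceAll(name, `\`, "/") // treat backslashes as separators too
	if strings.HasPrefix(name, "/") || filepath.IsAbs(filepath.FromSlash(name)) {
		return "", ErrZipSlip
	}
	target := filepath.Join(dest, filepath.FromSlash(name)) // Join resolves ".." components
	rel, err := filepath.Rel(dest, target)                   // Rel cleans both sides
	if err != nil || rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", ErrZipSlip
	}
	return target, nil
}

// ExtractArchive unpacks an in-memory zip into dest, passing every entry through
// SafeJoin and refusing symlinks (a link pointing outside dest is the other escape).
func ExtractArchive(data []byte, dest string) error {
	zr, err := zip.NewReader(bytes.NewReader(data), int64(len(data)))
	if err != nil && !errors.Is(err, zip.ErrInsecurePath) { // reader stays usable on ErrInsecurePath
		return err
	}
	for _, f := range zr.File {
		target, err := SafeJoin(dest, f.Name)
		if err != nil {
			return fmt.Errorf("%s: %w", f.Name, err)
		}
		switch mode := f.Mode(); {
		case mode&os.ModeSymlink != 0:
			return fmt.Errorf("%s: symlink entries are not extracted", f.Name)
		case mode.IsDir():
			err = os.MkdirAll(target, 0o755)
		default:
			err = writeEntry(f, target, mode.Perm()|0o600)
		}
		if err != nil {
			return err
		}
	}
	return nil
}

// writeEntry streams one regular-file entry to target, creating parent directories.
func writeEntry(f *zip.File, target string, perm os.FileMode) error {
	if err := os.MkdirAll(filepath.Dir(target), 0o755); err != nil {
		return err
	}
	rc, err := f.Open()
	if err != nil {
		return err
	}
	defer rc.Close()
	out, err := os.OpenFile(target, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, perm)
	if err != nil {
		return err
	}
	defer out.Close()
	_, err = io.Copy(out, rc)
	return err
}

// BuildZip constructs a sample in-memory zip; archive/zip's writer does not validate names.
func BuildZip(files map[string]string) []byte {
	var buf bytes.Buffer
	w := zip.NewWriter(&buf)
	for name, body := range files {
		fw, _ := w.Create(name) // only fails on I/O to the underlying writer,
		fw.Write([]byte(body))  // which a bytes.Buffer never does
	}
	w.Close()
	return buf.Bytes()
}

func main() {
	dest, err := os.MkdirTemp("", "extract-")
	if err != nil {
		panic(err)
	}
	defer os.RemoveAll(dest)
	benign := BuildZip(map[string]string{"module/stencil.yaml": "name: demo\n"})
	fmt.Println("benign:", ExtractArchive(benign, dest))
	evil := BuildZip(map[string]string{"../../.profile": "# constructed attacker content\n"}) // climbs out of dest
	fmt.Println("malicious:", ExtractArchive(evil, dest))
}
```

The rejection happens before anything is opened or written, so a malicious entry anywhere in the archive aborts the whole extraction rather than leaving a partially written tree behind; a caller that wants best-effort extraction should still never write the offending entry. The `filepath.Rel` test is preferred over a plain string-prefix comparison because a prefix check would accept `/tmp/out-evil` as being inside `/tmp/out`.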