7.5

CVSS Score

3.0

Basic Information

CVE ID

CVE-2018-20834

GHSA ID

GHSA-j44m-qm6p-hp7m

EPSS Score

0.60924%

CWE

CWE-59

Published

5/1/2019

Updated

11/29/2023

KEV Status

Technology

JavaScript

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2018-20834

CVE-2018-20834: Arbitrary File Overwrite in tar

Versions of tar prior to 4.4.2 for 4.x and 2.2.2 for 2.x are vulnerable to Arbitrary File Overwrite. Extracting tarballs containing a hardlink to a file that already exists in the system, and a file that matches the hardlink will overwrite the system's file with the contents of the extracted file.

Recommendation

For tar 4.x, upgrade to version 4.4.2 or later. For tar 2.x, upgrade to version 2.2.2 or later.

(GitHub Advisory)

7.5

CVSS Score

3.0

Basic Information

CVE ID

CVE-2018-20834

GHSA ID

GHSA-j44m-qm6p-hp7m

EPSS Score

0.60924%

CWE

CWE-59

Published

5/1/2019

Updated

11/29/2023

KEV Status

Technology

JavaScript

Technical Details

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
tar	npm	< 2.2.2	2.2.2
tar	npm	>= 3.0.0, < 4.4.2	4.4.2

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability stemmed from improper handling of hardlinks during tarball extraction. The pre-patch code in CHECKFS methods allowed overwriting existing files if they matched the entry type, without checking if they were part of a hardlink chain (nlink >1). The commit introduced an ISREUSABLE check that enforces nlink <=1 for file reuse, explicitly preventing hardlink overwrites. The test case added in the commit demonstrates protection against this scenario by verifying nlink=1 after extraction.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

V*rsions o* `t*r` prior to *.*.* *or *.x *n* *.*.* *or *.x *r* vuln*r**l* to *r*itr*ry *il* Ov*rwrit*. *xtr**tin* t*r**lls *ont*inin* * **r*link to * *il* t**t *lr***y *xists in t** syst*m, *n* * *il* t**t m*t***s t** **r*link will ov*rwrit* t** syst

Reasoning

T** vuln*r**ility st*mm** *rom improp*r **n*lin* o* **r*links *urin* t*r**ll *xtr**tion. T** pr*-p*t** *o** in `****K*S` m*t*o*s *llow** ov*rwritin* *xistin* *il*s i* t**y m*t**** t** *ntry typ*, wit*out ****kin* i* t**y w*r* p*rt o* * **r*link ***in

7.5

Basic Information

Concerned about an active attack path?

CVE-2018-20834: Arbitrary File Overwrite in tar

Recommendation

7.5

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI