
CVE-2022-35410: mat2 before 0.13.0 allows directory traversal during the ZIP archive cleaning process.

CVSS Score: 7.5

Basic Information

EPSS Score: -
Published: 7/12/2022
Updated: 9/30/2024
KEV Status: No
Technology: Python

Technical Details

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Package Name | Ecosystem | Vulnerable Versions | First Patched Version
mat2         | pip       | >= 0, < 0.13.0      | 0.13.0

Vulnerability Intelligence

Root Cause Analysis

The vulnerability stems from improper path sanitization in ZIP processing. The key functions would be in the ZIP cleaner module handling filenames:

  1. _sanitize_filename would directly process entry names (vulnerable to '../' injection)
  2. clean() would be the main workflow that failed to validate paths before extraction

Commit beebca4b's description of adding path normalization matches these functional areas. The impact on web instances is consistent with these functions being called during archive processing.
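As an added illustration (not mat2's own code, and not the change from commit beebca4b), the following Python shows the kind of entry-name validation a ZIP cleaner needs: every member name is rejected if it is absolute, carries a drive letter or backslashes, or contains a '..' component, and the resolved destination is then confirmed to stay under the extraction root. The function names and the sample archive are constructed for this example.

```python
import io
import os
import posixpath
import zipfile

def is_safe_member_name(name: str) -> bool:
    """Hypothetical check (not mat2's code): True only if a ZIP entry name
    cannot leave the extraction root. Rejects empty names, absolute paths,
    drive letters, backslashes, NUL bytes and any '..' path component."""
    if not name or name.startswith(("/", "\\")):
        return False
    if len(name) > 1 and name[1] == ":":      # e.g. C:\Users\...
        return False
    if "\\" in name or "\x00" in name:
        return False
    if any(part == ".." for part in name.split("/")):
        return False
    normalised = posixpath.normpath(name)
    return not posixpath.isabs(normalised) and not normalised.startswith("..")

def resolve_under_root(root: str, name: str):
    """Second line of defence: resolve the on-disk path and confirm it is
    below root. Returns the destination path, or None if it escapes."""
    root_abs = os.path.realpath(root)
    dest = os.path.realpath(os.path.join(root_abs, name))
    if os.path.commonpath([root_abs, dest]) != root_abs:
        return None
    return dest

def audit_archive(data: bytes) -> dict:
    """Split the entries of an in-memory archive into safe and rejected names."""
    verdict = {"safe": [], "rejected": []}
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            bucket = "safe" if is_safe_member_name(info.filename) else "rejected"
            verdict[bucket].append(info.filename)
    return verdict

def build_sample_archive() -> bytes:
    """Constructed sample archive: one ordinary Office-style entry and two
    entry names that try to climb out of the extraction directory."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("word/document.xml", "<w:document/>")
        zf.writestr("../outside.txt", "x")
        zf.writestr("word/../../escape.txt", "y")
    return buf.getvalue()
```

Run `audit_archive(build_sample_archive())` to see the benign entry accepted and both traversal-style names refused before any file is written.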

Vulnerable functions


WAF Protection Rules

WAF Rule

mat2 (aka metadata anonymisation toolkit) before 0.13.0 allows `../` directory traversal during the ZIP archive cleaning process. This primarily affects mat2 web instances, in which clients could obtain sensitive information via a crafted archive.
