Platform
rust
Component
zip
Fixed in
1.3.1
2.3.0
CVE-2025-29787 describes an Arbitrary File Access vulnerability within the zip crate, a Rust library for handling ZIP archives. This flaw allows attackers to overwrite arbitrary files on a system during archive extraction by exploiting improper handling of symbolic links. Versions of the zip crate prior to 2.3.0 are affected, and a fix has been released. This vulnerability is a variant of the known 'zip-slip' vulnerability.
The core of this vulnerability lies in the zip crate's archive extraction routine. An attacker can craft a ZIP archive that contains a symbolic link entry. If that link points to a directory outside the intended extraction target, affected versions of the crate do not validate the final, canonicalized path, so later entries in the archive that pass through the link are written to arbitrary locations on the file system. The potential impact is severe, ranging from data corruption and privilege escalation to complete system compromise, depending on the permissions of the user extracting the archive and the locations targeted by the attacker. This is the same class of problem as the broader 'zip-slip' vulnerability, where attackers leverage archive structures to bypass security controls.
CVE-2025-29787 is a relatively recent disclosure, published on 2025-03-17. It is considered a variant of the well-known 'zip-slip' vulnerability, which has seen prior exploitation. The EPSS score is pending evaluation, but given the potential for arbitrary file access and the similarity to other exploited zip-slip vulnerabilities, a medium to high probability of exploitation is likely. There are currently no publicly available exploits, but the vulnerability's nature makes it a likely target for opportunistic attackers. Monitor security advisories and threat intelligence feeds for any signs of active exploitation.
Applications and systems that utilize the zip crate for archive handling are at risk. This includes Rust-based applications that process user-uploaded ZIP files, automated build systems that extract dependencies from ZIP archives, and any system where ZIP files are extracted without proper validation. Shared hosting environments where multiple users can upload ZIP files are particularly vulnerable.
• rust/supply-chain: Examine your Cargo.toml file for dependencies on the zip crate and ensure you are using version 2.3.0 or later. Use `cargo outdated` to identify outdated dependencies.

`cargo outdated`

• linux/server: Monitor system logs for unusual file creation or modification events within unexpected directories, particularly during archive extraction processes. Use auditd to track file access events.

`auditctl -w /path/to/protected/directory -p wa -k zip_extraction`

• generic web: If your application handles ZIP file uploads, implement strict input validation and sanitization to prevent malicious archives from being processed. Check for unusual symbolic link patterns in uploaded ZIP files.
Exploit status
EPSS
0.27% (percentile 51%)
CISA SSVC
The primary mitigation is to upgrade to version 2.3.0 or later of the zip crate. This version includes the necessary fixes to properly validate symbolic link paths during extraction, preventing arbitrary file writes. If upgrading is not immediately feasible, consider implementing robust path validation within your extraction logic. This involves canonicalizing file paths before writing to the file system and ensuring they remain within the intended extraction directory; note that a purely lexical check on the entry name is not sufficient, because a symlink already written by an earlier entry can redirect a lexically valid path outside the destination. Web application firewalls (WAFs) or proxy servers can be configured to inspect ZIP archives for suspicious symbolic links before allowing them to be processed. Detection signatures, such as YARA rules, can be crafted to identify potentially malicious ZIP archives containing unusual symbolic link patterns. After upgrading, confirm the fix by attempting to extract a known malicious archive (if available) and verifying that it no longer allows arbitrary file writes.
Update the `zip` library to version 2.3.0 or later. This fixes the arbitrary file write vulnerability during ZIP archive extraction. Run `cargo update` to update your project's dependencies.
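The two checks the mitigation paragraph describes, the lexical zip-slip guard on the entry name and a filesystem check that a symlink planted by an earlier entry cannot redirect a later write outside the destination, as an added example in Rust. This is not the zip crate's own code or its fix: it uses only the standard library and does no archive parsing, so `extract_entry` is a hypothetical helper that receives an entry name and its bytes from a caller, and `run_demo` constructs the scenario on disk under a temporary directory (a symlink left behind as a vulnerable extractor would leave it, followed by a file entry routed through it). A complete extractor would additionally refuse or validate symlink entries themselves before creating them.

```rust
use std::fs;
use std::io::{self, Write};
use std::path::{Component, Path, PathBuf};

/// Lexical check, the classic zip-slip guard: reject absolute paths, drive
/// prefixes and `..` components, and return the cleaned relative path.
pub fn sanitize_entry_name(name: &str) -> Option<PathBuf> {
    let mut out = PathBuf::new();
    for comp in Path::new(name).components() {
        match comp {
            Component::Normal(part) => out.push(part),
            Component::CurDir => {}
            Component::ParentDir | Component::RootDir | Component::Prefix(_) => return None,
        }
    }
    if out.as_os_str().is_empty() {
        None
    } else {
        Some(out)
    }
}

/// Filesystem check: the lexical guard alone misses the case this CVE describes,
/// where an earlier entry has already planted a symlink inside `dest`. Walk every
/// component of the target path and refuse if any existing one is a symlink, so a
/// write can never be redirected outside the destination through a link.
pub fn reject_symlinks_on_path(dest: &Path, rel: &Path) -> io::Result<()> {
    let mut cur = dest.to_path_buf();
    for comp in rel.components() {
        cur.push(comp);
        match fs::symlink_metadata(&cur) {
            Ok(meta) if meta.file_type().is_symlink() => {
                return Err(io::Error::new(
                    io::ErrorKind::PermissionDenied,
                    format!("refusing to write through symlink {}", cur.display()),
                ));
            }
            Ok(_) => {}
            // Nothing exists at this depth yet, so nothing below it can be a symlink.
            Err(e) if e.kind() == io::ErrorKind::NotFound => break,
            Err(e) => return Err(e),
        }
    }
    Ok(())
}

/// Write one regular-file entry under `dest` only after both checks pass.
/// Hypothetical helper: a real extractor would call this per archive entry.
pub fn extract_entry(dest: &Path, name: &str, data: &[u8]) -> io::Result<PathBuf> {
    let rel = sanitize_entry_name(name).ok_or_else(|| {
        io::Error::new(io::ErrorKind::InvalidInput, format!("unsafe entry name {name:?}"))
    })?;
    reject_symlinks_on_path(dest, &rel)?;
    let target = dest.join(&rel);
    if let Some(parent) = target.parent() {
        fs::create_dir_all(parent)?;
    }
    fs::File::create(&target)?.write_all(data)?;
    Ok(target)
}

/// Constructed scenario: a symlink that a vulnerable extractor has already
/// materialised inside the destination, followed by a file routed through it.
/// Returns (escape rejected?, benign nested entry written?).
#[cfg(unix)]
pub fn run_demo() -> io::Result<(bool, bool)> {
    let base = std::env::temp_dir().join(format!("zipslip-demo-{}", std::process::id()));
    let dest = base.join("extract");
    let outside = base.join("outside");
    fs::create_dir_all(&dest)?;
    fs::create_dir_all(&outside)?;
    // Entry 1 as a vulnerable extractor would leave it: extract/escape -> ../outside
    std::os::unix::fs::symlink(&outside, dest.join("escape"))?;
    // Entry 2 names a lexically valid path that resolves outside; it must be refused.
    let escape_blocked = extract_entry(&dest, "escape/pwned.txt", b"owned").is_err();
    // An ordinary nested entry is still extracted normally.
    let benign = extract_entry(&dest, "docs/readme.txt", b"hello")?;
    let benign_ok = fs::read(&benign)?.as_slice() == &b"hello"[..];
    fs::remove_dir_all(&base)?;
    Ok((escape_blocked, benign_ok))
}

#[cfg(unix)]
fn main() -> io::Result<()> {
    let (blocked, ok) = run_demo()?;
    println!("escape through symlink blocked: {blocked}, benign entry written: {ok}");
    Ok(())
}

#[cfg(not(unix))]
fn main() {
    println!("the demo needs a Unix host to create the symlink");
}
```

The symlink check deliberately stops at the first path component that does not exist yet: anything below it will be created by the extractor itself, so it cannot already be a link. That keeps the check cheap and avoids creating directories before the decision is made.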
CVE-2025-29787 is a HIGH severity vulnerability in the zip crate that allows attackers to overwrite files during ZIP archive extraction due to improper symbolic link handling.
You are affected if you are using the zip crate before version 2.3.0 and process ZIP archives, especially those from untrusted sources.
Upgrade to version 2.3.0 or later of the zip crate. If upgrading isn't possible, implement robust path validation during extraction.
While no public exploits are currently available, the vulnerability's nature makes it a likely target for exploitation, given its similarity to other zip-slip vulnerabilities.
Refer to the zip crate's repository and related security advisories for the most up-to-date information: [https://github.com/zip-rs/zip2](https://github.com/zip-rs/zip2)