CVE-2025-5981
BaseFortify
Publication date: 2025-06-18
Last updated on: 2025-08-07
Assigner: Google Inc.
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| Google | osv-scalibr | from 0.1.3 (inclusive) up to 0.1.8 (exclusive) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-427 | The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors. |
| CWE-22 | The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a path traversal flaw (CWE-22) in the unpack() function that OSV-SCALIBR uses to extract container image layers. A layer is a tar archive whose entry names are chosen by whoever built the image; the unpacker joined those names onto the extraction directory without confining the result, so an entry whose name climbs out of that directory (for example one containing ../ components) resolved to a location outside the intended extraction path. When OSV-SCALIBR was run with the --remote-image CLI flag against an untrusted image, this let the image author write arbitrary files on the scanning host with the privileges of the OSV-SCALIBR user. [1, 2]
How can this vulnerability impact me?
An attacker who controls a container image that you scan can write or overwrite arbitrary files on the host with the privileges of the user running OSV-SCALIBR. Depending on what that user can reach, this means unauthorized modification of files, potential code execution, or disruption of the system. The exposure is greatest where OSV-SCALIBR is run with --remote-image against images from untrusted sources, and its severity is bounded by the permissions of the OSV-SCALIBR user and the environment the tool runs in. [1, 2]
What immediate steps should I take to mitigate this vulnerability?
Update OSV-SCALIBR to version 0.1.8 or later; versions from 0.1.3 up to but excluding 0.1.8 are affected. The fix confines all file system operations during image unpacking to a trusted root directory using the os.Root API introduced in Go 1.24, so an entry cannot write outside the extraction directory. Until the update is applied, do not use the --remote-image CLI flag on container images you do not trust. [1, 2]
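The following is an added illustration, not code from OSV-SCALIBR or from the advisory. It builds a constructed two-entry layer tarball in memory, extracts it once with the vulnerable pattern (entry name joined onto the destination with no check on where the result lands) and once with a containment check, and reports where the escaped file ended up. The real fix uses os.Root, which needs Go 1.24; the lexical containedPath check shown here is the older technique and compiles on Go 1.20 or newer, which is why it is used in this example. All names (buildLayer, containedPath, unpack, Demo) are this example's own.

```go
package main
import (
	"archive/tar"
	"bytes"
	"errors"
	"fmt"
	"io"
	"os"
	"path/filepath"
	"strings"
)

// buildLayer returns a constructed in-memory layer tarball (sample input, not a real image
// layer): one ordinary file plus one entry whose name climbs two levels above the unpack dir.
func buildLayer() []byte {
	var buf bytes.Buffer
	tw := tar.NewWriter(&buf)
	for _, e := range [][2]string{{"etc/motd", "hello from the layer\n"}, {"../../escaped.txt", "outside!\n"}} {
		tw.WriteHeader(&tar.Header{Name: e[0], Typeflag: tar.TypeReg, Mode: 0o644, Size: int64(len(e[1]))})
		io.WriteString(tw, e[1])
	}
	tw.Close()
	return buf.Bytes()
}

// writeEntry stores one regular-file entry at target, creating parent directories.
func writeEntry(tr *tar.Reader, target string) error {
	data, err := io.ReadAll(tr)
	if err != nil {
		return err
	}
	if err := os.MkdirAll(filepath.Dir(target), 0o755); err != nil {
		return err
	}
	return os.WriteFile(target, data, 0o644)
}

// containedPath joins name onto root and rejects any result that is not lexically inside
// root. filepath.Join strips a leading "/", so absolute entry names land under root as well.
func containedPath(root, name string) (string, error) {
	target := filepath.Join(root, name)
	rel, err := filepath.Rel(root, target)
	if err != nil {
		return "", err
	}
	if rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", fmt.Errorf("tar entry %q escapes %s", name, root)
	}
	return target, nil
}

// unpack writes each regular file in layer under dest. contain=false reproduces the vulnerable
// pattern (entry name joined onto dest, no check on where the result lands); contain=true runs
// every name through containedPath and also honours tar.ErrInsecurePath (GODEBUG=tarinsecurepath=0).
func unpack(layer []byte, dest string, contain bool) error {
	tr := tar.NewReader(bytes.NewReader(layer))
	for {
		hdr, err := tr.Next()
		if errors.Is(err, io.EOF) {
			return nil
		}
		if err != nil && (contain || !errors.Is(err, tar.ErrInsecurePath)) {
			return err
		}
		if hdr.Typeflag != tar.TypeReg {
			continue
		}
		target := filepath.Join(dest, hdr.Name) // vulnerable: "../../escaped.txt" resolves above dest
		if contain {
			if target, err = containedPath(dest, hdr.Name); err != nil {
				return err
			}
		}
		if err := writeEntry(tr, target); err != nil {
			return err
		}
	}
}

// Demo runs both unpackers into base/a/b/unpack and reports whether base/a/escaped.txt
// appeared (vulnerable run) and whether the contained run rejected the layer.
func Demo(base string) (naiveEscaped, hardenedRejected bool, err error) {
	dest := filepath.Join(base, "a", "b", "unpack")
	escaped := filepath.Join(base, "a", "escaped.txt")
	if err = unpack(buildLayer(), dest, false); err != nil {
		return false, false, err
	}
	_, statErr := os.Stat(escaped)
	os.Remove(escaped)
	return statErr == nil, unpack(buildLayer(), dest, true) != nil, nil
}

func main() {
	base, err := os.MkdirTemp("", "scalibr-demo")
	if err != nil {
		panic(err)
	}
	defer os.RemoveAll(base)
	fmt.Println(Demo(base))
}
```

The lexical check is enough to stop ../ names, but it does not see symlinks: a layer can first ship a symlink entry pointing outside the root and then a regular entry whose name passes through it, and filepath.Rel cannot tell. os.Root resolves every path component inside the kernel relative to the root directory and refuses to follow a link that leaves it, which is why the actual fix moved to that API rather than to a check like containedPath.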