id: tar-extraction info: name: Path Injection Vulnerability in TAR Extraction author: me_dheeraj (https://twitter.com/Dheerajmadhukar) severity: info description: Insecure TAR archive extraction can result in arbitrary path over write and can result in code injection. tags: file,nodejs file: - extensions: - all matchers: - type: regex regex: - "require\\('tar-stream'\\)" - "[\\w\\W]+?\\.createWriteStream\\([\\w\\W]*?\\, [\\w\\W]*?\\)" - "[\\w\\W]+?\\.writeFile\\([\\w\\W]*?\\, [\\w\\W]*?\\)" - "[\\w\\W]+?\\.writeFileSync\\([\\w\\W]*?\\, [\\w\\W]*?\\)" condition: or # digest: 490a0046304402207e72208a1944e7df2a904fe5c6f0286522d073ca069018194bf4e461a96c7f030220657b4086fb9b504fdfd3ee97fe79018b05f66382b367ba76d019e1d3e0a61c82:922c64590222798bb761d5b6d8e72950