CVE-2025-29787 Overview
CVE-2025-29787 is a path traversal vulnerability in the zip crate for Rust, a popular library used for reading and writing ZIP files. The vulnerability exists in the archive extraction routine of versions 1.3.0 through 2.2.x, where symbolic links earlier in the archive are allowed to be used for later files without proper validation of the final canonicalized path. This flaw allows maliciously crafted archives to overwrite arbitrary files in the file system when extracted.
Critical Impact
Attackers can craft malicious ZIP archives that, when extracted using vulnerable versions of the zip crate, can overwrite arbitrary files on the system with arbitrary permissions. This can potentially lead to remote code execution by overwriting critical system files or application binaries.
Affected Products
- zip crate for Rust versions 1.3.0 to 2.2.x
- Applications using the zip crate's high-level archive extraction API
- Rust projects that extract untrusted ZIP archives
Discovery Timeline
- March 17, 2025 - CVE-2025-29787 published to NVD
- March 17, 2025 - Last updated in NVD database
Technical Details for CVE-2025-29787
Vulnerability Analysis
This vulnerability (CWE-22: Path Traversal) affects the archive extraction functionality within the zip crate. The core issue lies in how the library processes symbolic links during ZIP archive extraction. When extracting files, the library fails to properly validate the canonicalized path when symbolic links are present earlier in the archive, allowing an attacker to construct a symlink chain that escapes the intended extraction directory.
The attack requires user interaction in the form of extracting a maliciously crafted archive, but once triggered, it can overwrite arbitrary files on the filesystem. The vulnerability specifically affects users who extract untrusted archive files using the high-level API methods provided by the crate.
Root Cause
The root cause is improper handling of symbolic links during archive extraction. The library did not adequately validate that paths containing symbolic links resolve to locations within the intended extraction directory. When processing a file that follows a symbolic link in the archive, the library failed to verify the final canonicalized destination path, allowing path components like .. (parent directory) to escape the extraction boundary through symlink indirection.
Attack Vector
The attack leverages symbolic links embedded within a malicious ZIP archive. An attacker constructs an archive containing:
- A symbolic link pointing to a parent directory or sensitive system location
- Subsequent files in the archive that reference the symbolic link in their path
When the vulnerable application extracts this archive, the symbolic link is created first. Then, when later files reference the symlink in their path, the library writes content through the symlink to arbitrary locations outside the intended extraction directory. This can be exploited to overwrite critical files such as SSH authorized keys, cron jobs, or application configuration files.
The patch introduces a new path module with a simplified_components function that validates path components and rejects paths containing prefix, root directory, or unresolved parent directory references:
    //! Path manipulation utilities
    use std::{
        ffi::OsStr,
        path::{Component, Path},
    };

    /// Simplify a path by removing the prefix and parent directories and only return normal components
    pub(crate) fn simplified_components(input: &Path) -> Option<Vec<&OsStr>> {
        let mut out = Vec::new();
        for component in input.components() {
            match component {
                // Absolute paths and Windows drive prefixes are never acceptable entry names
                Component::Prefix(_) | Component::RootDir => return None,
                // `..` may only cancel a preceding normal component; climbing above the root is rejected
                Component::ParentDir => {
                    if out.pop().is_none() {
                        return None;
                    }
                }
                Component::Normal(_) => out.push(component.as_os_str()),
                Component::CurDir => (),
            }
        }
        Some(out)
    }
Source: GitHub Commit Update
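The lexical rule above does not by itself stop the symlink-then-file pattern described under Attack Vector, because the entry name "link/payload" contains no prefix, root or parent component. The following added example (written for this page, not code from the zip crate) combines the same component check with an on-disk check that refuses to write through any symlink already present under the extraction directory; safe_destination and the sample paths are assumptions of this example.

```rust
use std::ffi::OsStr;
use std::fs;
use std::path::{Component, Path, PathBuf};

/// Lexical check matching the rule in the patch: reject absolute paths,
/// Windows prefixes and any `..` that would climb out of the archive root.
pub fn simplified_components(input: &Path) -> Option<Vec<&OsStr>> {
    let mut out = Vec::new();
    for component in input.components() {
        match component {
            Component::Prefix(_) | Component::RootDir => return None,
            Component::ParentDir => {
                if out.pop().is_none() {
                    return None;
                }
            }
            Component::Normal(_) => out.push(component.as_os_str()),
            Component::CurDir => (),
        }
    }
    Some(out)
}

/// Resolve where an archive entry may be written. Returns None when the name
/// escapes `base` lexically, or when any prefix of the destination that already
/// exists under `base` is a symlink. That second check closes the
/// symlink-then-file pattern: a link created by an earlier entry can no longer
/// redirect a later entry's write outside the extraction directory.
pub fn safe_destination(base: &Path, entry_name: &str) -> Option<PathBuf> {
    let mut dest = base.to_path_buf();
    for comp in simplified_components(Path::new(entry_name))? {
        dest.push(comp);
        // symlink_metadata does not follow links, so an existing symlink at
        // this prefix is detected instead of being silently traversed.
        if let Ok(md) = fs::symlink_metadata(&dest) {
            if md.file_type().is_symlink() {
                return None;
            }
        }
    }
    Some(dest)
}
```

The check is per entry and is only meaningful when extraction targets a fresh, empty directory that nothing else writes to during the operation; it does not defend against a concurrent writer racing the check.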
Detection Methods for CVE-2025-29787
Indicators of Compromise
- Unexpected symbolic links created in extraction directories pointing to sensitive system paths
- File modifications in directories outside the intended extraction location following ZIP extraction operations
- Presence of ZIP archives containing symbolic links with suspicious path targets (e.g., ../../../etc/)
- Unexpected changes to critical system files like /etc/passwd, ~/.ssh/authorized_keys, or application binaries
Detection Strategies
- Audit Rust project dependencies using cargo audit to identify vulnerable versions of the zip crate
- Implement file integrity monitoring (FIM) on critical system files and directories
- Monitor for suspicious ZIP extraction operations that result in writes outside expected directories
- Review application logs for unusual archive extraction patterns or errors related to path validation
Monitoring Recommendations
- Enable SentinelOne's Behavioral AI to detect anomalous file system operations following archive extraction
- Configure alerts for symbolic link creation in web-accessible directories or application extraction paths
- Monitor Cargo.lock files in CI/CD pipelines for vulnerable dependency versions
- Implement runtime application self-protection (RASP) to detect path traversal attempts
How to Mitigate CVE-2025-29787
Immediate Actions Required
- Upgrade the zip crate to version 2.3.0 or later immediately
- Audit all Rust applications that process untrusted ZIP files for vulnerable dependency versions
- Implement input validation to reject archives containing symbolic links if symlink extraction is not required
- Review recent extraction operations for signs of compromise if vulnerable versions were deployed
Patch Information
The vulnerability has been fixed in version 2.3.0 of the zip crate. The patch introduces a new path module that properly validates and simplifies path components during extraction, rejecting paths that would escape the extraction directory. Users should update their Cargo.toml to specify the patched version, as shown in the configuration example below.
For detailed information about the fix, refer to the GitHub Security Advisory GHSA-94vh-gphv-8pm8 and the GitHub Release Note v2.3.0.
Workarounds
- Avoid extracting untrusted ZIP archives until the crate is upgraded
- Implement custom path validation before calling the extraction API to reject symlinks
- Run extraction operations in sandboxed environments with restricted filesystem access
- Use chroot or container isolation to limit the impact of potential path traversal exploits
# Configuration example
# In Cargo.toml, change the dependency from the vulnerable version:
# zip = "2.2.0"
# to the patched version:
[dependencies]
zip = "2.3.0"

# Then apply the dependency change
cargo update -p zip
# and verify the resolved version of the crate
cargo tree -p zip
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.