skip to content
Back to
Home Bounties Research Advisories CodeQL Wall of Fame Get Involved Events
February 3, 2021

GHSL-2020-198: Path manipulation via Zip entry files (ZipSlip) in adm-zip

GitHub Security Lab

Coordinated Disclosure Timeline


Path manipulation via Zip entry files (ZipSlip)


Tested Version

Latest commit


The extractAllTo method allows extracting all files in a zip file to a specified target folder. It tries to ensure that no files are extracted outside this folder, so even if zip file entries have paths containing .. elements the files should still end up in the target folder.

However, the code to enforce this leaves a loophole: it is possible to extract files to a different folder as long as the path of the target folder is a prefix of the path of that other folder. For example, when extracting a specially crafted zip file to target folder contents, some files could end up in a sibling folder called contents2, or some other folder whose path starts with the string contents, as shown in this example:

const AdmZip = require('adm-zip')
const zip = new AdmZip()
zip.addFile("test.txt", Buffer.from("hi"))
zip.addFile("../contents2/test2.txt", Buffer.from("there"))
zip.extractAllTo("contents") // `test.txt` is extracted to `contents`, `test2.txt` to `contents2`

Client code of adm-zip would probably assume that the check does not allow this cross-folder extraction, and might use it to extract even untrusted zip files. If an attacker can provide a crafted zip file, they might then be able to overwrite files outside the intended target folder.

In practice this is probably difficult to exploit since the paths have to match up as explained above but we think that even if this is arguably a relatively low-severity vulnerability, it is still worth fixing.


File system manipulation, Data corruption


This issue was discovered and reported by GitHub team member @max-schaefer (Max Schaefer).


You can contact the GHSL team at, please include GHSL-2020-198 in any communication regarding this issue.