5 matches found
EUVD-2021-32842
Malicious code in bioql PyPI...
CVE-2021-32842
SharpZipLib or ziplib is a Zip, GZip, Tar and BZip2 library. Starting version 1.0.0 and prior to version 1.3.3, a check was added if the destination file is under a destination directory. However, it is not enforced that baseDirectory ends with slash. If the baseDirectory is not slash terminated...
CVE-2021-32842
creationtimestamp| type| source ---|---|--- 2022-01-27 00:19:57+00:00| seen| https://t.me/cibsecurity/36359...
CVE-2021-32842 Path Traversal in SharpZipLib
SharpZipLib or ziplib is a Zip, GZip, Tar and BZip2 library. Starting version 1.0.0 and prior to version 1.3.3, a check was added if the destination file is under a destination directory. However, it is not enforced that baseDirectory ends with slash. If the baseDirectory is not slash terminated...
CVE-2021-32842
CVE-2021-32842 affects SharpZipLib (aka #ziplib). The issue is a path traversal flaw where a non-slash-terminated _baseDirectory allows creating a file whose name begins with the destination directory (e.g., /home/user/dir.sh), enabling arbitrary file creation. Versions 1.0.0 through 1.3.2 are af...