CVE-2021-23520

The package juce-framework/juce before 6.1.5 are vulnerable to Arbitrary File Write via Archive Extraction Zip Slip via the ZipFile::uncompressEntry function in juceZipFile.cpp. This vulnerability is triggered when the archive is extracted upon calling uncompressTo on a ZipFile object...

UBUNTU-CVE-2021-23520

The package juce-framework/juce before 6.1.5 are vulnerable to Arbitrary File Write via Archive Extraction Zip Slip via the ZipFile::uncompressEntry function in juceZipFile.cpp. This vulnerability is triggered when the archive is extracted upon calling uncompressTo on a ZipFile object...

CVE-2021-23520

The package juce-framework/juce before 6.1.5 are vulnerable to Arbitrary File Write via Archive Extraction Zip Slip via the ZipFile::uncompressEntry function in juceZipFile.cpp. This vulnerability is triggered when the archive is extracted upon calling uncompressTo on a ZipFile object...

CVE-2021-23520 Arbitrary File Write via Archive Extraction (Zip Slip)

The package juce-framework/juce before 6.1.5 are vulnerable to Arbitrary File Write via Archive Extraction Zip Slip via the ZipFile::uncompressEntry function in juceZipFile.cpp. This vulnerability is triggered when the archive is extracted upon calling uncompressTo on a ZipFile object...

Arbitrary File Write

zip-local is vulnerable to arbitrary file write aka zip-slip vulnerability. The unsynchronously unzipping leads to extraction of a malicious file outside the intended extraction directory...

CVE-2021-23484

The package zip-local before 0.3.5 are vulnerable to Arbitrary File Write via Archive Extraction Zip Slip which can lead to an extraction of a crafted file outside the intended extraction directory...

CVE-2021-23484

The package zip-local before 0.3.5 are vulnerable to Arbitrary File Write via Archive Extraction Zip Slip which can lead to an extraction of a crafted file outside the intended extraction directory...

Directory traversal

The package zip-local before 0.3.5 are vulnerable to Arbitrary File Write via Archive Extraction Zip Slip which can lead to an extraction of a crafted file outside the intended extraction directory...

CVE-2021-23484 Arbitrary File Write via Archive Extraction (Zip Slip)

The package zip-local before 0.3.5 are vulnerable to Arbitrary File Write via Archive Extraction Zip Slip which can lead to an extraction of a crafted file outside the intended extraction directory...

CVE-2021-23484

The CVE-2021-23484 entry concerns the zip-local package prior to version 0.3.5, vulnerable to Arbitrary File Write via Archive Extraction (Zip Slip). The issue enables extraction of crafted files outside the intended directory during archive extraction. This is documented across multiple sources ...

PT-2022-9401 · Zip-Local · Zip-Local

Name of the Vulnerable Software and Affected Versions: zip-local versions prior to 0.3.5 Description: The issue allows for Arbitrary File Write via Archive Extraction, also known as Zip Slip, which can lead to the extraction of a crafted file outside the intended extraction directory. This can...

zip-local 路径遍历漏洞

Zip-Local is a very simple compression /Uzipping local files and directories in nodes .Js by Mostafa Samir Personal Developer. A security vulnerability exists in versions of zip-local prior to 0.3.5, which allows for arbitrary file write attacks...

CVE-2021-32840

SharpZipLib or ziplib is a Zip, GZip, Tar and BZip2 library. Prior to version 1.3.3, a TAR file entry ../evil.txt may be extracted in the parent directory of destFolder. This leads to arbitrary file write that may lead to code execution. The vulnerability was patched in version 1.3.3...

CVE-2021-32840

SharpZipLib or ziplib is a Zip, GZip, Tar and BZip2 library. Prior to version 1.3.3, a TAR file entry ../evil.txt may be extracted in the parent directory of destFolder. This leads to arbitrary file write that may lead to code execution. The vulnerability was patched in version 1.3.3...

CVE-2021-32840

SharpZipLib or ziplib is a Zip, GZip, Tar and BZip2 library. Prior to version 1.3.3, a TAR file entry ../evil.txt may be extracted in the parent directory of destFolder. This leads to arbitrary file write that may lead to code execution. The vulnerability was patched in version 1.3.3...

UBUNTU-CVE-2021-32840

SharpZipLib or ziplib is a Zip, GZip, Tar and BZip2 library. Prior to version 1.3.3, a TAR file entry ../evil.txt may be extracted in the parent directory of destFolder. This leads to arbitrary file write that may lead to code execution. The vulnerability was patched in version 1.3.3...

CVE-2021-32840 Path Traversal in SharpZipLib

SharpZipLib or ziplib is a Zip, GZip, Tar and BZip2 library. Prior to version 1.3.3, a TAR file entry ../evil.txt may be extracted in the parent directory of destFolder. This leads to arbitrary file write that may lead to code execution. The vulnerability was patched in version 1.3.3...

CVE-2021-32840

SharpZipLib or ziplib is a Zip, GZip, Tar and BZip2 library. Prior to version 1.3.3, a TAR file entry ../evil.txt may be extracted in the parent directory of destFolder. This leads to arbitrary file write that may lead to code execution. The vulnerability was patched in version 1.3.3...

Critical Bugs in Control Web Panel Expose Linux Servers to RCE Attacks

Researchers have disclosed details of two critical security vulnerabilities in Control Web Panel that could be abused as part of an exploit chain to achieve pre-authenticated remote code execution on affected servers. Tracked as CVE-2021-45467, the issue concerns a case of a file inclusion...

Directory traversal

Bytecode Viewer BCV is a Java/Android reverse engineering suite. Versions of the package prior to 2.11.0 are vulnerable to Arbitrary File Write via Archive Extraction AKA "Zip Slip". The vulnerability is exploited using a specially crafted archive that holds directory traversal filenames e.g...