81 matches found
EUVD-2019-8739
Malware in sbrugna...
EUVD-2022-3612
Malicious code in bioql PyPI...
EUVD-2022-1102
Malicious code in bioql PyPI...
EUVD-2022-1085
Malicious code in bioql PyPI...
EUVD-2022-0770
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2021-32842
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SharpZipLib or ziplib is a Zip, GZip, Tar and BZip2 library. Starting version 1.0.0 and prior to version 1.3.3, a check was added if the destination file is und...
Linux Distros Unpatched Vulnerability : CVE-2021-32841
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SharpZipLib or ziplib is a Zip, GZip, Tar and BZip2 library. Starting version 1.3.0 and prior to version 1.3.3, a check was added if the destination file is und...
Linux Distros Unpatched Vulnerability : CVE-2021-32840
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SharpZipLib or ziplib is a Zip, GZip, Tar and BZip2 library. Prior to version 1.3.3, a TAR file entry ../evil.txt may be extracted in the parent directory of...
Linux Distros Unpatched Vulnerability : CVE-2018-1002208
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SharpZipLib before 1.0 RC1 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ dot dot slash in a Zip archive entry...
CVE-2021-32842
SharpZipLib or ziplib is a Zip, GZip, Tar and BZip2 library. Starting version 1.0.0 and prior to version 1.3.3, a check was added if the destination file is under a destination directory. However, it is not enforced that baseDirectory ends with slash. If the baseDirectory is not slash terminated...
CVE-2021-32841
SharpZipLib or ziplib is a Zip, GZip, Tar and BZip2 library. Starting version 1.3.0 and prior to version 1.3.3, a check was added if the destination file is under destination directory. However, it is not enforced that destDir ends with slash. If the destDir is not slash terminated like...
CVE-2021-32840
SharpZipLib or ziplib is a Zip, GZip, Tar and BZip2 library. Prior to version 1.3.3, a TAR file entry ../evil.txt may be extracted in the parent directory of destFolder. This leads to arbitrary file write that may lead to code execution. The vulnerability was patched in version 1.3.3...
CVE-2019-19102
A directory traversal vulnerability in SharpZipLib used in the upgrade service in B Automation Studio versions 4.0.x, 4.1.x and 4.2.x allow unauthenticated users to write to certain local directories. The vulnerability is also known as zip slip...
Amazon Linux 2 : mono (ALASMONO-2023-001)
It is, therefore, affected by a vulnerability as referenced in the ALAS2MONO-2023-001 advisory. SharpZipLib or ziplib is a Zip, GZip, Tar and BZip2 library. Prior to version 1.3.3, a TAR file entry ../evil.txt may be extracted in the parent directory of destFolder. This leads to arbitrary file...
Important: mono
Issue Overview: SharpZipLib or ziplib is a Zip, GZip, Tar and BZip2 library. Prior to version 1.3.3, a TAR file entry ../evil.txt may be extracted in the parent directory of destFolder. This leads to arbitrary file write that may lead to code execution. The vulnerability was patched in version...
Dotnetnuke 6.0.x < 9.11.0 Multiple Vulnerabilities (09.11.00)
According to its self-reported version, the instance of Dotnetnuke running on the remote web server is 6.0.x prior to 9.11.0. It is, therefore, affected by multiple vulnerabilities. - A third-party dependency, Moment.js, published security updates to their library. Fixes for the Issue DNN Platfor...
Improper Limitation of a Pathname to a Restricted Directory in SharpZipLib
SharpZipLib before 1.0 RC1 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ dot dot slash in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'...
GHSA-CQJ4-M2PC-V9M5 Improper Limitation of a Pathname to a Restricted Directory in SharpZipLib
SharpZipLib before 1.0 RC1 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ dot dot slash in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'...
GHSA-MM6G-MMQ6-53FF Path Traversal in SharpZipLib
SharpZipLib or ziplib is a Zip, GZip, Tar and BZip2 library. Starting version 1.0.0 and prior to version 1.3.3, a check was added if the destination file is under a destination directory. However, it is not enforced that baseDirectory ends with slash. If the baseDirectory is not slash terminated...
Path Traversal in SharpZipLib
SharpZipLib or ziplib is a Zip, GZip, Tar and BZip2 library. Starting version 1.0.0 and prior to version 1.3.3, a check was added if the destination file is under a destination directory. However, it is not enforced that baseDirectory ends with slash. If the baseDirectory is not slash terminated...