Fedora: Security Advisory for sharpziplib (FEDORA-2021-f26cdf180b)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for sharpziplib (FEDORA-2021-4d31e51987)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 34 Update: sharpziplib-1.3.3-0.fc34

SharpZipLib, formerly NZipLib is a Zip, GZip, Tar and BZip2 library written entirely in C . It is implemented as an assembly installable in the GAC, and thus can easily be incorporated into other projects...

[SECURITY] Fedora 35 Update: sharpziplib-1.3.3-0.fc35

SharpZipLib, formerly NZipLib is a Zip, GZip, Tar and BZip2 library written entirely in C . It is implemented as an assembly installable in the GAC, and thus can easily be incorporated into other projects...

Insecure Temporary File

SharpZipLib uses an insecure temporary file name. An attacker can predict the name of the temporary file and potentially gain access to confidential information...

CVE-2019-19102

A directory traversal vulnerability in SharpZipLib used in the upgrade service in B&R Automation Studio versions 4.0.x, 4.1.x and 4.2.x allow unauthenticated users to write to certain local directories. The vulnerability is also known as zip slip...

Directory traversal

A directory traversal vulnerability in SharpZipLib used in the upgrade service in B&R Automation Studio versions 4.0.x, 4.1.x and 4.2.x allow unauthenticated users to write to certain local directories. The vulnerability is also known as zip slip...

CVE-2019-19102

CVE-2019-19102 is a directory traversal (zip slip) vulnerability in SharpZipLib used by the upgrade service of B&R Automation Studio, affecting 4.0.x–4.2.x. It allows unauthenticated writers to create/overwrite files in local directories. CVSSv3.1 base score 7.5 (I:H) per NVD; base 5.5–5.0 in oth...

CVE-2019-19102 Zip Slip vulnerability in 3rd-Party library in B&R Automation Studio upgrade service

A directory traversal vulnerability in SharpZipLib used in the upgrade service in B&R Automation Studio versions 4.0.x, 4.1.x and 4.2.x allow unauthenticated users to write to certain local directories. The vulnerability is also known as zip slip...

[SECURITY] Fedora 30 Update: sharpziplib-1.1.0-0.fc30

SharpZipLib, formerly NZipLib is a Zip, GZip, Tar and BZip2 library written entirely in C . It is implemented as an assembly installable in the GAC, and thus can easily be incorporated into other projects...

Fedora Update for sharpziplib FEDORA-2019-d43282031d

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 30 : sharpziplib (2019-d43282031d)

upgrade to version 1.1.0 which fixes the vulnerability of directory traversal Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without...

CVE-2018-1002208

SharpZipLib before 1.0 RC1 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ dot dot slash in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'...

CVE-2018-1002208

SharpZipLib before 1.0 RC1 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ dot dot slash in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'...

Directory traversal

SharpZipLib before 1.0 RC1 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ dot dot slash in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'...

CVE-2018-1002208

SharpZipLib before 1.0 RC1 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ dot dot slash in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'...

CVE-2018-1002208

The CVE-2018-1002208 entry concerns SharpZipLib before 1.0 RC1, which is vulnerable to a directory traversal (Zip-Slip). An attacker can write to arbitrary files via a ../ in a Zip entry that is mishandled during extraction. This is supported by multiple connected sources referencing SharpZipLib’...

CVE-2018-1002208

SharpZipLib before 1.0 RC1 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ dot dot slash in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'...

CVE-2018-1002208

SharpZipLib before 1.0 RC1 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ dot dot slash in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'...

Arbitrary File Writing

SharpZipLib is vulnerable to arbitrary file write aka zip slip vulnerability. It fails to check on the file path during extraction, allowing arbitrary files to be written outside of extraction directory...