Lucene search
+L

6 matches found

Tenable Nessus
Tenable Nessus
added 2023/09/27 12:0 a.m.19 views

Amazon Linux 2 : mono (ALASMONO-2023-001)

It is, therefore, affected by a vulnerability as referenced in the ALAS2MONO-2023-001 advisory. SharpZipLib or ziplib is a Zip, GZip, Tar and BZip2 library. Prior to version 1.3.3, a TAR file entry ../evil.txt may be extracted in the parent directory of destFolder. This leads to arbitrary file...

9.8CVSS8.6AI score0.01973EPSS
Exploits1References4
Amazon
Amazon
added 2023/09/25 12:0 a.m.10 views

Important: mono

Issue Overview: SharpZipLib or ziplib is a Zip, GZip, Tar and BZip2 library. Prior to version 1.3.3, a TAR file entry ../evil.txt may be extracted in the parent directory of destFolder. This leads to arbitrary file write that may lead to code execution. The vulnerability was patched in version...

9.8CVSS7.7AI score0.01973EPSS
Exploits1
OSV
OSV
added 2022/01/26 9:15 p.m.16 views

CVE-2021-32840

SharpZipLib or ziplib is a Zip, GZip, Tar and BZip2 library. Prior to version 1.3.3, a TAR file entry ../evil.txt may be extracted in the parent directory of destFolder. This leads to arbitrary file write that may lead to code execution. The vulnerability was patched in version 1.3.3...

9.8CVSS7.6AI score
Exploits0References3
Vulnrichment
Vulnrichment
added 2022/01/26 9:5 p.m.4 views

CVE-2021-32840 Path Traversal in SharpZipLib

SharpZipLib or ziplib is a Zip, GZip, Tar and BZip2 library. Prior to version 1.3.3, a TAR file entry ../evil.txt may be extracted in the parent directory of destFolder. This leads to arbitrary file write that may lead to code execution. The vulnerability was patched in version 1.3.3...

7.3CVSS9.6AI score0.01973EPSS
Exploits1References3
CVE
CVE
added 2022/01/26 9:5 p.m.128 views

CVE-2021-32840

CVE-2021-32840 affects SharpZipLib (aka #ziplib). Before version 1.3.3, a TAR file entry "../evil.txt" could be extracted into the parent directory of a destination folder, enabling arbitrary file write and potentially code execution. The vulnerability is patched in version 1.3.3. In the provided...

9.8CVSS8.6AI score0.01973EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2022/01/26 9:5 p.m.38 views

CVE-2021-32840 Path Traversal in SharpZipLib

SharpZipLib or ziplib is a Zip, GZip, Tar and BZip2 library. Prior to version 1.3.3, a TAR file entry ../evil.txt may be extracted in the parent directory of destFolder. This leads to arbitrary file write that may lead to code execution. The vulnerability was patched in version 1.3.3...

7.3CVSS9.9AI score0.01973EPSS
Exploits1References3
Rows per page
Query Builder