Sharpziplib Security Vulnerabilities and Issues — Sharpziplib CVE List

Lucene search

Sharpziplib ProjectSharpziplib

3 matches found

CVE•added 2018/07/25 5:29 p.m.•83 views

CVE-2018-1002208

SharpZipLib before 1.0 RC1 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'.

5.5CVSS5.4AI score0.01482EPSS

CVE•added 2022/01/26 10:15 p.m.•74 views

CVE-2021-32841

SharpZipLib (or #ziplib) is a Zip, GZip, Tar and BZip2 library. Starting version 1.3.0 and prior to version 1.3.3, a check was added if the destination file is under destination directory. However, it is not enforced that destDir ends with slash. If the destDir is not slash terminated like /home/us...

5.3CVSS4.8AI score0.00378EPSS

CVE•added 2022/01/26 9:15 p.m.•71 views

CVE-2021-32842

SharpZipLib (or #ziplib) is a Zip, GZip, Tar and BZip2 library. Starting version 1.0.0 and prior to version 1.3.3, a check was added if the destination file is under a destination directory. However, it is not enforced that _baseDirectory ends with slash. If the _baseDirectory is not slash terminat...

5.3CVSS4.8AI score0.00298EPSS