Lucene search
Veracode Vulnerability DatabaseVERACODE:6982HistoryJul 06, 2018 - 9:07 a.m.
Arbitrary File Write
2018-07-0609:07:59
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
12
EPSS
0.001
Percentile
47.2%
SharpCompress is vulnerable to zip-slip vulnerability.The vulnerability exists due to the lack of check on the file path during extraction, allowing arbitrary files to be written in other directories.
References
github.com/adamhathcock/sharpcompress/blob/2a5494a804dd3d6f5bec1ec79a52d54ffce610f5/src/SharpCompress/Archives/IArchiveEntryExtensions.cs#L58-L67
github.com/adamhathcock/sharpcompress/commit/42b1205fb435de523e6ef8ac5b7bafbe712997f6
github.com/adamhathcock/sharpcompress/commit/80ceb1c375fdb1b4ffba16528c99089e804ce61f
github.com/adamhathcock/sharpcompress/pull/374
Related
osv
osv
CVE-2018-1002206
2018-07-25 17:29:01
Directory Traversal in SharpCompress
2019-09-11 22:59:57
github
github
Directory Traversal in SharpCompress
2019-09-11 22:59:57
nvd
nvd
CVE-2018-1002206
2018-07-25 17:29:01
prion
prion
Directory traversal
2018-07-25 17:29:00
cvelist
cvelist
CVE-2018-1002206
2018-07-25 17:00:00
cve
cve
CVE-2018-1002206
2018-07-25 17:29:01
checkpoint_advisories
checkpoint_advisories
f5
f5
K64709522 : Multiple Zip Slip vulnerabilities
2018-08-03 00:00:00