Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
- EPSS 0.43%
- Veröffentlicht 16.09.2021 15:15:07
- Zuletzt bearbeitet 21.11.2024 06:18:54
SharpCompress is a fully managed C# library to deal with many compression types and formats. Versions prior to 0.29.0 are vulnerable to partial path traversal. SharpCompress recreates a hierarchy of directories under destinationDirectory if ExtractFu...
5.5
CVE-2018-1002206
- EPSS 2.5%
- Veröffentlicht 25.07.2018 17:29:01
- Zuletzt bearbeitet 21.11.2024 03:40:40
SharpCompress before 0.21.0 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'.
1