MEDIUM 5.5 NuGet
Directory Traversal in SharpCompress
GHSA-fxh6-w476-hgr4 · CVE-2018-1002206
Published · Modified
Description
SharpCompress prior to version 0.21 is vulnerable to path traversal issue in archive extraction.
References
- ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2018-1002206
- WEB https://github.com/adamhathcock/sharpcompress/pull/374
- WEB https://github.com/adamhathcock/sharpcompress/commit/42b1205fb435de523e6ef8ac5b7bafbe712997f6
- WEB https://github.com/adamhathcock/sharpcompress/commit/80ceb1c375fdb1b4ffba16528c99089e804ce61f
- WEB https://github.com/snyk/zip-slip-vulnerability
- WEB https://snyk.io/research/zip-slip-vulnerability
- WEB https://snyk.io/vuln/SNYK-DOTNET-SHARPCOMPRESS-60246
Ready to move
Start Securing
Free, no credit card | First findings in minutes