Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:nuget/SharpZipLib@1.0.0
purl pkg:nuget/SharpZipLib@1.0.0
Next non-vulnerable version 1.3.3
Latest non-vulnerable version 1.3.3
Risk 4.0
Vulnerabilities affecting this package (2)
Vulnerability Summary Fixed by
VCID-1qhk-r5sq-zqhm
Aliases:
CVE-2021-32842
GHSA-mm6g-mmq6-53ff
Path traversal in SharpZipLib SharpZipLib (or #ziplib) is a Zip, GZip, Tar and BZip2 library. A check was added if the destination file is under a destination directory. However, it is not enforced that `_baseDirectory` ends with slash. If the `_baseDirectory` is not slash terminated like `/home/user/dir` it is possible to create a file with a name thats begins as the destination directory one level up from the directory, i.e. `/home/user/dir.sh`. Because of the file name and destination directory constraints, the arbitrary file creation impact is limited and depends on the use case. fixed this vulnerability.
1.3.3
Affected by 0 other vulnerabilities.
VCID-fxh1-kq9x-6bbz
Aliases:
CVE-2021-32840
GHSA-m22m-h4rf-pwq3
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') SharpZipLib (or #ziplib) is a Zip, GZip, Tar and BZip2 library. A TAR file entry `../evil.txt` may be extracted in the parent directory of `destFolder`. This leads to arbitrary file write that may lead to code execution.
1.3.3
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T21:38:20.593530+00:00 GitLab Importer Affected by VCID-1qhk-r5sq-zqhm https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/SharpZipLib/CVE-2021-32842.yml 38.4.0
2026-04-16T21:38:20.015156+00:00 GitLab Importer Affected by VCID-fxh1-kq9x-6bbz https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/SharpZipLib/CVE-2021-32840.yml 38.4.0
2026-04-11T22:52:56.584135+00:00 GitLab Importer Affected by VCID-1qhk-r5sq-zqhm https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/SharpZipLib/CVE-2021-32842.yml 38.3.0
2026-04-11T22:52:56.309377+00:00 GitLab Importer Affected by VCID-fxh1-kq9x-6bbz https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/SharpZipLib/CVE-2021-32840.yml 38.3.0
2026-04-02T23:02:18.922651+00:00 GitLab Importer Affected by VCID-1qhk-r5sq-zqhm https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/SharpZipLib/CVE-2021-32842.yml 38.1.0
2026-04-02T23:02:18.639587+00:00 GitLab Importer Affected by VCID-fxh1-kq9x-6bbz https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/SharpZipLib/CVE-2021-32840.yml 38.1.0
2026-04-01T17:21:09.017460+00:00 GitLab Importer Affected by VCID-fxh1-kq9x-6bbz https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/SharpZipLib/CVE-2021-32840.yml 38.0.0
2026-04-01T15:59:27.254457+00:00 GHSA Importer Affected by VCID-1qhk-r5sq-zqhm https://github.com/advisories/GHSA-mm6g-mmq6-53ff 38.0.0
2026-04-01T12:49:22.408345+00:00 GitLab Importer Affected by VCID-1qhk-r5sq-zqhm https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/SharpZipLib/CVE-2021-32842.yml 38.0.0