VulnerableCode Package Details - pkg:nuget/SharpZipLib@1.0.0-rc2

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:nuget/SharpZipLib@1.0.0-rc2

Essentials
History (4)

purl	pkg:nuget/SharpZipLib@1.0.0-rc2

Next non-vulnerable version	1.3.3
Latest non-vulnerable version	1.3.3
Risk	4.0

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-fxh1-kq9x-6bbz Aliases: CVE-2021-32840 GHSA-m22m-h4rf-pwq3	Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') SharpZipLib (or #ziplib) is a Zip, GZip, Tar and BZip2 library. A TAR file entry `../evil.txt` may be extracted in the parent directory of `destFolder`. This leads to arbitrary file write that may lead to code execution.	1.3.3 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T21:38:20.013603+00:00	GitLab Importer	Affected by	VCID-fxh1-kq9x-6bbz	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/SharpZipLib/CVE-2021-32840.yml	38.4.0
2026-04-11T22:52:56.305835+00:00	GitLab Importer	Affected by	VCID-fxh1-kq9x-6bbz	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/SharpZipLib/CVE-2021-32840.yml	38.3.0
2026-04-02T23:02:18.636316+00:00	GitLab Importer	Affected by	VCID-fxh1-kq9x-6bbz	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/SharpZipLib/CVE-2021-32840.yml	38.1.0
2026-04-01T17:21:09.013668+00:00	GitLab Importer	Affected by	VCID-fxh1-kq9x-6bbz	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/SharpZipLib/CVE-2021-32840.yml	38.0.0