Search for packages
| purl | pkg:nuget/sharpcompress@0.8.1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-5mnp-yphv-dfh5
Aliases: CVE-2018-1002206 GHSA-fxh6-w476-hgr4 |
Directory Traversal in SharpCompress |
Affected by 2 other vulnerabilities. |
|
VCID-m5ga-r2ms-97f3
Aliases: CVE-2021-39208 GHSA-jp7f-grcv-6mjf |
Affected by 1 other vulnerability. |
|
|
VCID-yh5j-pyzt-kyf1
Aliases: CVE-2026-44788 GHSA-6c8g-7p36-r338 |
SharpCompress is a fully managed C# library to deal with many compression types and formats. In 0.47.4 and earlier, a path traversal vulnerability in IArchive.WriteToDirectory() allows a malicious archive to create directories outside the intended extraction root. For TAR archives, this can be escalated to arbitrary file writes by chaining with a symlink entry, giving a full write primitive on the target filesystem subject to the permissions of the running process. |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-06-12T22:24:06.670455+00:00 | GitLab Importer | Affected by | VCID-yh5j-pyzt-kyf1 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/sharpcompress/CVE-2026-44788.yml | 38.6.0 |
| 2026-06-12T17:48:06.583536+00:00 | GitLab Importer | Affected by | VCID-m5ga-r2ms-97f3 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/sharpcompress/CVE-2021-39208.yml | 38.6.0 |
| 2026-06-12T17:14:10.093402+00:00 | GitLab Importer | Affected by | VCID-5mnp-yphv-dfh5 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/sharpcompress/CVE-2018-1002206.yml | 38.6.0 |