VulnerableCode Package Details - pkg:nuget/SharpZipLib@1.0.0-alpha1

Search for packages

Package details: pkg:nuget/SharpZipLib@1.0.0-alpha1

Essentials
History (2)

purl	pkg:nuget/SharpZipLib@1.0.0-alpha1

Next non-vulnerable version	1.3.3
Latest non-vulnerable version	1.3.3
Risk	4.4

Vulnerabilities affecting this package (2)

Vulnerability	Summary	Fixed by
VCID-q38c-k935-uuan Aliases: CVE-2021-32840 GHSA-m22m-h4rf-pwq3	Path Traversal in SharpZipLib SharpZipLib (or #ziplib) is a Zip, GZip, Tar and BZip2 library. Prior to version 1.3.3, a TAR file entry `../evil.txt` may be extracted in the parent directory of `destFolder`. This leads to arbitrary file write that may lead to code execution. The vulnerability was patched in version 1.3.3.	1.3.3 Affected by 0 other vulnerabilities.
VCID-xehh-a5vv-kffu Aliases: CVE-2018-1002208 GHSA-cqj4-m2pc-v9m5	Improper Limitation of a Pathname to a Restricted Directory in SharpZipLib SharpZipLib before 1.0 RC1 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'.	1.0.0-rc1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-08-01T10:25:23.692982+00:00	GitLab Importer	Affected by	VCID-xehh-a5vv-kffu	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/SharpZipLib/CVE-2018-1002208.yml	37.0.0
2025-08-01T10:11:39.893744+00:00	GitLab Importer	Affected by	VCID-q38c-k935-uuan	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/SharpZipLib/CVE-2021-32840.yml	37.0.0