Search for packages
| purl | pkg:nuget/SharpZipLib@1.0.0-alpha2 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-q38c-k935-uuan
Aliases: CVE-2021-32840 GHSA-m22m-h4rf-pwq3 |
Path Traversal in SharpZipLib SharpZipLib (or #ziplib) is a Zip, GZip, Tar and BZip2 library. Prior to version 1.3.3, a TAR file entry `../evil.txt` may be extracted in the parent directory of `destFolder`. This leads to arbitrary file write that may lead to code execution. The vulnerability was patched in version 1.3.3. |
Affected by 0 other vulnerabilities. |
|
VCID-xehh-a5vv-kffu
Aliases: CVE-2018-1002208 GHSA-cqj4-m2pc-v9m5 |
Improper Limitation of a Pathname to a Restricted Directory in SharpZipLib SharpZipLib before 1.0 RC1 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'. |
Affected by 1 other vulnerability. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-08-01T10:11:39.898926+00:00 | GitLab Importer | Affected by | VCID-q38c-k935-uuan | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/SharpZipLib/CVE-2021-32840.yml | 37.0.0 |
| 2025-07-31T12:33:19.544413+00:00 | GHSA Importer | Affected by | VCID-xehh-a5vv-kffu | https://github.com/advisories/GHSA-cqj4-m2pc-v9m5 | 37.0.0 |
| 2025-07-31T09:27:34.282992+00:00 | GitLab Importer | Affected by | VCID-xehh-a5vv-kffu | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/SharpZipLib/CVE-2018-1002208.yml | 37.0.0 |