SharpZipLib before 1.0 RC1 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a …/ (dot dot slash) in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as ‘Zip-Slip’.
CPE | Name | Operator | Version |
---|---|---|---|
sharpziplib | eq | 1.0.0-alpha2 | |
sharpziplib | eq | 0.86.0 | |
sharpziplib | eq | 1.0.0-alpha1 |