Lucene search
Veracode Vulnerability DatabaseVERACODE:6987HistoryJul 09, 2018 - 3:34 a.m.
Arbitrary File Writing
2018-07-0903:34:28
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
17
0.001 Low
EPSS
Percentile
30.2%
DotNetZip.Semverd is vulnerable to arbitrary file writing (aka) zip-slip vulnerability. The vulnerability is possible because it does not check that the relative paths in a zip file don’t go outside of the target directory.
| CPE | Name | Operator | Version |
|---|---|---|---|
| dotnetzip | le | 1.10.1 | |
| dotnetzip.android | eq | 1.10.1 | |
| dotnetzip.ios | eq | 1.10.1 | |
| zlib.portable | le | 1.11.0-beta1 | |
| zlib.portable.signed | eq | 1.11.0-beta1 |
Related
prion
prion
Directory traversal
2018-07-25 17:29:00
cvelist
cvelist
CVE-2018-1002205
2022-10-03 16:21:40
osv
osv
CVE-2018-1002205
2018-07-25 17:29:01
High severity vulnerability that affects DotNetZip
2018-10-16 17:16:40
nvd
nvd
CVE-2018-1002205
2018-07-25 17:29:01
cve
cve
CVE-2018-1002205
2022-10-03 16:21:40
ics
ics
Omron Engineering Software Zip-Slip
2023-09-19 12:00:00
github
github
High severity vulnerability that affects DotNetZip
2018-10-16 17:16:40
f5
f5
K64709522 : Multiple Zip Slip vulnerabilities
2018-08-03 00:00:00
checkpoint_advisories
checkpoint_advisories
ibm
ibm