CVE-2018-1002206
Published 2018-07-25
Priority P339, medium, 5.5 (CVSS 3.0)
AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
EPSS: 10.05% (95.0th percentile)
SharpCompress before 0.21.0 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| adamhathcock | sharpcompress | < 0.21.0 | 0.21.0 |
| sharpcompress | sharpcompress | >= unspecified < 0.21.0 | 0.21.0 |
| sharpcompress_project | sharpcompress | >= 0 < 0.21.0 | 0.21.0 |
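CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.0 | 5.5 | MEDIUM | CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N |
| nvd | v2.0 | 4.3 | MEDIUM | AV:N/AC:M/Au:N/C:N/I:P/A:N |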
OSV
Directory Traversal in SharpCompress
osv · 2019-09-11
CVE-2018-1002206 [MEDIUM] Directory Traversal in SharpCompress
SharpCompress prior to version 0.21 is vulnerable to a path traversal issue in archive extraction.
GHSA
Directory Traversal in SharpCompress
ghsa · 2019-09-11
CVE-2018-1002206 [MEDIUM] CWE-22 Directory Traversal in SharpCompress
SharpCompress prior to version 0.21 is vulnerable to a path traversal issue in archive extraction.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://github.com/adamhathcock/sharpcompress/commit/42b1205fb435de523e6ef8ac5b7bafbe712997f6
https://github.com/adamhathcock/sharpcompress/pull/374
https://github.com/snyk/zip-slip-vulnerability
https://snyk.io/research/zip-slip-vulnerability
https://snyk.io/vuln/SNYK-DOTNET-SHARPCOMPRESS-60246