CVE-2018-1002206: Directory Traversal in SharpCompress
(updated )
SharpCompress prior to version 0.21 is vulnerable to path traversal issue in archive extraction.
References
- github.com/adamhathcock/sharpcompress/commit/42b1205fb435de523e6ef8ac5b7bafbe712997f6
- github.com/adamhathcock/sharpcompress/commit/80ceb1c375fdb1b4ffba16528c99089e804ce61f
- github.com/adamhathcock/sharpcompress/pull/374
- github.com/advisories/GHSA-fxh6-w476-hgr4
- github.com/snyk/zip-slip-vulnerability
- nvd.nist.gov/vuln/detail/CVE-2018-1002206
- snyk.io/research/zip-slip-vulnerability
- snyk.io/vuln/SNYK-DOTNET-SHARPCOMPRESS-60246
Code Behaviors & Features
Detect and mitigate CVE-2018-1002206 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →