Filtered by vendor Adamhathcock
Subscribe
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-44788 | 1 Adamhathcock | 1 Sharpcompress | 2026-06-05 | N/A | 5.9 MEDIUM |
| SharpCompress is a fully managed C# library to deal with many compression types and formats. In 0.47.4 and earlier, a path traversal vulnerability in IArchive.WriteToDirectory() allows a malicious archive to create directories outside the intended extraction root. For TAR archives, this can be escalated to arbitrary file writes by chaining with a symlink entry, giving a full write primitive on the target filesystem subject to the permissions of the running process. | |||||
| CVE-2018-1002206 | 1 Adamhathcock | 1 Sharpcompress | 2026-06-05 | 4.3 MEDIUM | 5.5 MEDIUM |
| SharpCompress before 0.21.0 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'. | |||||