Описание
SharpZipLib (or #ziplib) is a Zip, GZip, Tar and BZip2 library. Starting version 1.3.0 and prior to version 1.3.3, a check was added if the destination file is under destination directory. However, it is not enforced that destDir ends with slash. If the destDir is not slash terminated like /home/user/dir it is possible to create a file with a name thats begins with the destination directory, i.e. /home/user/dir.sh. Because of the file name and destination directory constraints, the arbitrary file creation impact is limited and depends on the use case. Version 1.3.3 contains a patch for this vulnerability.
Ссылки
- PatchThird Party Advisory
- Release NotesThird Party Advisory
- ExploitThird Party Advisory
- PatchThird Party Advisory
- Release NotesThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
EPSS
4 Medium
CVSS3
5.3 Medium
CVSS3
5 Medium
CVSS2
Дефекты
Связанные уязвимости
SharpZipLib (or #ziplib) is a Zip, GZip, Tar and BZip2 library. Starting version 1.3.0 and prior to version 1.3.3, a check was added if the destination file is under destination directory. However, it is not enforced that `destDir` ends with slash. If the `destDir` is not slash terminated like `/home/user/dir` it is possible to create a file with a name thats begins with the destination directory, i.e. `/home/user/dir.sh`. Because of the file name and destination directory constraints, the arbitrary file creation impact is limited and depends on the use case. Version 1.3.3 contains a patch for this vulnerability.
SharpZipLib (or #ziplib) is a Zip, GZip, Tar and BZip2 library. Starti ...
EPSS
4 Medium
CVSS3
5.3 Medium
CVSS3
5 Medium
CVSS2