The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of DotNetZip

computer vulnerability note CVE-2018-1002205

DotNetZip.Semverd: directory traversal

Synthesis of the vulnerability

An attacker can traverse directories of DotNetZip.Semverd, in order to create a file outside the service root path. This vulnerability is a member of the Zip Slip family (VIGILANCE-VUL-26357).
Impacted products: DotNetZip.
Severity: 2/4.
Consequences: data creation/edition.
Provenance: document.
Creation date: 13/06/2018.
Identifiers: CVE-2018-1002205, VIGILANCE-VUL-26399.

Description of the vulnerability

An attacker can traverse directories of DotNetZip.Semverd, in order to create a file outside the service root path. This vulnerability is a member of the Zip Slip family (VIGILANCE-VUL-26357).
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about DotNetZip: