CVE-2018-1002206: Directory Traversal in SharpCompress
5.5
CVSS Score
3.0
Basic Information
CVE ID
GHSA ID
EPSS Score
0.84688%
CWE
Published
9/11/2019
Updated
3/24/2023
KEV Status
No
Technology
C#
Technical Details
CVSS Vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
---|---|---|---|
sharpcompress | nuget | < 0.21.0 | 0.21.0 |
Vulnerability Intelligence
Miggo AI
Root Cause Analysis
The commit diff shows critical path validation logic was added to WriteToDirectory: 1) Added Path.GetFullPath() calls to resolve relative paths 2) Implemented checks that destination paths start with the full destination directory path. The vulnerability manifest in this function because it handled user-controlled archive entry paths without proper containment checks. The added test Zip_Evil_Throws_Exception confirms this was the attack vector by testing malicious ../ paths.