CVE-2021-32841 - Vulnerability Details - OpenCVE

SharpZipLib (or #ziplib) is a Zip, GZip, Tar and BZip2 library. Starting version 1.3.0 and prior to version 1.3.3, a check was added if the destination file is under destination directory. However, it is not enforced that `destDir` ends with slash. If the `destDir` is not slash terminated like `/home/user/dir` it is possible to create a file with a name thats begins with the destination directory, i.e. `/home/user/dir.sh`. Because of the file name and destination directory constraints, the arbitrary file creation impact is limited and depends on the use case. Version 1.3.3 contains a patch for this vulnerability.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

This CVE is not in the KEV list.

Exploitation poc

Automatable no

Technical Impact partial

Vendors	Products
Sharpziplib Project	Sharpziplib

Configuration 1 [-]

cpe:2.3:a:sharpziplib_project:sharpziplib:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://github.com/icsharpcode/SharpZipLib/commit/5c3b293de5d65b108e7f2cd0ea8f81c1b8273f78
https://github.com/icsharpcode/SharpZipLib/releases/tag/v1.3.3
https://securitylab.github.com/advisories/GHSL-2021-125-sharpziplib/

History

Tue, 22 Apr 2025 19:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2022-01-26T21:10:15.000Z

Updated: 2025-04-22T18:28:07.967Z

Reserved: 2021-05-12T00:00:00.000Z

Link: CVE-2021-32841

Vulnrichment

Updated: 2024-08-03T23:33:56.037Z

NVD

Status : Modified

Published: 2022-01-26T22:15:07.837

Modified: 2024-11-21T06:07:51.730

Link: CVE-2021-32841

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "sharpziplib", "vendor": "icsharpcode", "versions": [{"lessThan": "1.3.3", "status": "affected", "version": "1.3.3", "versionType": "custom"}, {"lessThan": "1.3.0*", "status": "affected", "version": "1.3.0", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "SharpZipLib (or #ziplib) is a Zip, GZip, Tar and BZip2 library. Starting version 1.3.0 and prior to version 1.3.3, a check was added if the destination file is under destination directory. However, it is not enforced that `destDir` ends with slash. If the `destDir` is not slash terminated like `/home/user/dir` it is possible to create a file with a name thats begins with the destination directory, i.e. `/home/user/dir.sh`. Because of the file name and destination directory constraints, the arbitrary file creation impact is limited and depends on the use case. Version 1.3.3 contains a patch for this vulnerability."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-22", "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-01-26T21:10:15.000Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://securitylab.github.com/advisories/GHSL-2021-125-sharpziplib/"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/icsharpcode/SharpZipLib/releases/tag/v1.3.3"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/icsharpcode/SharpZipLib/commit/5c3b293de5d65b108e7f2cd0ea8f81c1b8273f78"}], "source": {"discovery": "INTERNAL"}, "title": "Path Traversal in SharpZipLib", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security-advisories@github.com", "ID": "CVE-2021-32841", "STATE": "PUBLIC", "TITLE": "Path Traversal in SharpZipLib"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "sharpziplib", "version": {"version_data": [{"version_affected": "<", "version_name": "1.3.3", "version_value": "1.3.3"}, {"version_affected": ">=", "version_name": "1.3.0", "version_value": "1.3.0"}]}}]}, "vendor_name": "icsharpcode"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "SharpZipLib (or #ziplib) is a Zip, GZip, Tar and BZip2 library. Starting version 1.3.0 and prior to version 1.3.3, a check was added if the destination file is under destination directory. However, it is not enforced that `destDir` ends with slash. If the `destDir` is not slash terminated like `/home/user/dir` it is possible to create a file with a name thats begins with the destination directory, i.e. `/home/user/dir.sh`. Because of the file name and destination directory constraints, the arbitrary file creation impact is limited and depends on the use case. Version 1.3.3 contains a patch for this vulnerability."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"}]}]}, "references": {"reference_data": [{"name": "https://securitylab.github.com/advisories/GHSL-2021-125-sharpziplib/", "refsource": "CONFIRM", "url": "https://securitylab.github.com/advisories/GHSL-2021-125-sharpziplib/"}, {"name": "https://github.com/icsharpcode/SharpZipLib/releases/tag/v1.3.3", "refsource": "MISC", "url": "https://github.com/icsharpcode/SharpZipLib/releases/tag/v1.3.3"}, {"name": "https://github.com/icsharpcode/SharpZipLib/commit/5c3b293de5d65b108e7f2cd0ea8f81c1b8273f78", "refsource": "MISC", "url": "https://github.com/icsharpcode/SharpZipLib/commit/5c3b293de5d65b108e7f2cd0ea8f81c1b8273f78"}]}, "source": {"discovery": "INTERNAL"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T23:33:56.037Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://securitylab.github.com/advisories/GHSL-2021-125-sharpziplib/"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/icsharpcode/SharpZipLib/releases/tag/v1.3.3"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/icsharpcode/SharpZipLib/commit/5c3b293de5d65b108e7f2cd0ea8f81c1b8273f78"}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-04-22T15:51:36.544375Z", "id": "CVE-2021-32841", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-22T18:28:07.967Z"}}]}, "cveMetadata": {"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2021-32841", "datePublished": "2022-01-26T21:10:15.000Z", "dateReserved": "2021-05-12T00:00:00.000Z", "dateUpdated": "2025-04-22T18:28:07.967Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://securitylab.github.com/advisories/GHSL-2021-125-sharpziplib/", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "https://github.com/icsharpcode/SharpZipLib/releases/tag/v1.3.3", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://github.com/icsharpcode/SharpZipLib/commit/5c3b293de5d65b108e7f2cd0ea8f81c1b8273f78", "tags": ["x_refsource_MISC", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T23:33:56.037Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2021-32841", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-04-22T15:51:36.544375Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-22T15:51:38.045Z"}}], "cna": {"title": "Path Traversal in SharpZipLib", "source": {"discovery": "INTERNAL"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "icsharpcode", "product": "sharpziplib", "versions": [{"status": "affected", "version": "1.3.3", "lessThan": "1.3.3", "versionType": "custom"}, {"status": "affected", "version": "1.3.0", "lessThan": "1.3.0*", "versionType": "custom"}]}], "references": [{"url": "https://securitylab.github.com/advisories/GHSL-2021-125-sharpziplib/", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/icsharpcode/SharpZipLib/releases/tag/v1.3.3", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/icsharpcode/SharpZipLib/commit/5c3b293de5d65b108e7f2cd0ea8f81c1b8273f78", "tags": ["x_refsource_MISC"]}], "x_generator": {"engine": "Vulnogram 0.0.9"}, "descriptions": [{"lang": "en", "value": "SharpZipLib (or #ziplib) is a Zip, GZip, Tar and BZip2 library. Starting version 1.3.0 and prior to version 1.3.3, a check was added if the destination file is under destination directory. However, it is not enforced that `destDir` ends with slash. If the `destDir` is not slash terminated like `/home/user/dir` it is possible to create a file with a name thats begins with the destination directory, i.e. `/home/user/dir.sh`. Because of the file name and destination directory constraints, the arbitrary file creation impact is limited and depends on the use case. Version 1.3.3 contains a patch for this vulnerability."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-22", "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2022-01-26T21:10:15.000Z"}, "x_legacyV4Record": {"impact": {"cvss": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, "source": {"discovery": "INTERNAL"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_name": "1.3.3", "version_value": "1.3.3", "version_affected": "<"}, {"version_name": "1.3.0", "version_value": "1.3.0", "version_affected": ">="}]}, "product_name": "sharpziplib"}]}, "vendor_name": "icsharpcode"}]}}, "data_type": "CVE", "generator": {"engine": "Vulnogram 0.0.9"}, "references": {"reference_data": [{"url": "https://securitylab.github.com/advisories/GHSL-2021-125-sharpziplib/", "name": "https://securitylab.github.com/advisories/GHSL-2021-125-sharpziplib/", "refsource": "CONFIRM"}, {"url": "https://github.com/icsharpcode/SharpZipLib/releases/tag/v1.3.3", "name": "https://github.com/icsharpcode/SharpZipLib/releases/tag/v1.3.3", "refsource": "MISC"}, {"url": "https://github.com/icsharpcode/SharpZipLib/commit/5c3b293de5d65b108e7f2cd0ea8f81c1b8273f78", "name": "https://github.com/icsharpcode/SharpZipLib/commit/5c3b293de5d65b108e7f2cd0ea8f81c1b8273f78", "refsource": "MISC"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "eng", "value": "SharpZipLib (or #ziplib) is a Zip, GZip, Tar and BZip2 library. Starting version 1.3.0 and prior to version 1.3.3, a check was added if the destination file is under destination directory. However, it is not enforced that `destDir` ends with slash. If the `destDir` is not slash terminated like `/home/user/dir` it is possible to create a file with a name thats begins with the destination directory, i.e. `/home/user/dir.sh`. Because of the file name and destination directory constraints, the arbitrary file creation impact is limited and depends on the use case. Version 1.3.3 contains a patch for this vulnerability."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2021-32841", "STATE": "PUBLIC", "TITLE": "Path Traversal in SharpZipLib", "ASSIGNER": "security-advisories@github.com"}}}}, "cveMetadata": {"cveId": "CVE-2021-32841", "state": "PUBLISHED", "dateUpdated": "2025-04-22T18:28:07.967Z", "dateReserved": "2021-05-12T00:00:00.000Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2022-01-26T21:10:15.000Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:sharpziplib_project:sharpziplib:*:*:*:*:*:*:*:*", "matchCriteriaId": "C56750EF-B437-4DCF-8355-37F595174730", "versionEndExcluding": "1.3.3", "versionStartIncluding": "1.3.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "SharpZipLib (or #ziplib) is a Zip, GZip, Tar and BZip2 library. Starting version 1.3.0 and prior to version 1.3.3, a check was added if the destination file is under destination directory. However, it is not enforced that `destDir` ends with slash. If the `destDir` is not slash terminated like `/home/user/dir` it is possible to create a file with a name thats begins with the destination directory, i.e. `/home/user/dir.sh`. Because of the file name and destination directory constraints, the arbitrary file creation impact is limited and depends on the use case. Version 1.3.3 contains a patch for this vulnerability."}, {"lang": "es", "value": "SharpZipLib (o #ziplib) es una biblioteca Zip, GZip, Tar y BZip2. A partir de la versi\u00f3n 1.3.0 y versiones anteriores a 1.3.3, fue a\u00f1adida una comprobaci\u00f3n de si el archivo de destino est\u00e1 en el directorio de destino. Sin embargo, no es obligatorio que \"destDir\" termine en barra. Si \"destDir\" no termina en barra como \"/home/user/dir\" es posible crear un fichero con un nombre que empiece por el directorio de destino, por ejemplo \"/home/user/dir.sh\". Debido a las restricciones del nombre del archivo y del directorio de destino, el impacto de la creaci\u00f3n arbitraria de archivos es limitado y depende del caso de uso. La versi\u00f3n 1.3.3 contiene un parche para esta vulnerabilidad"}], "id": "CVE-2021-32841", "lastModified": "2024-11-21T06:07:51.730", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.5, "impactScore": 1.4, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-01-26T22:15:07.837", "references": [{"source": "security-advisories@github.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/icsharpcode/SharpZipLib/commit/5c3b293de5d65b108e7f2cd0ea8f81c1b8273f78"}, {"source": "security-advisories@github.com", "tags": ["Release Notes", "Third Party Advisory"], "url": "https://github.com/icsharpcode/SharpZipLib/releases/tag/v1.3.3"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://securitylab.github.com/advisories/GHSL-2021-125-sharpziplib/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/icsharpcode/SharpZipLib/commit/5c3b293de5d65b108e7f2cd0ea8f81c1b8273f78"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes", "Third Party Advisory"], "url": "https://github.com/icsharpcode/SharpZipLib/releases/tag/v1.3.3"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://securitylab.github.com/advisories/GHSL-2021-125-sharpziplib/"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "security-advisories@github.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-22"}], "source": "nvd@nist.gov", "type": "Primary"}]}