High severity7.8NVD Advisory· Published Aug 30, 2023· Updated Jun 17, 2026
CVE-2023-39135
CVE-2023-39135
Description
An issue in Zip Swift v2.1.2 allows attackers to execute a path traversal attack via a crafted zip entry.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
github.com/marmelroy/ZipSwiftURL | <= 2.1.2 | — |
Affected products
2- Zip Swift/Zip Swiftdescription
Patches
Vulnerability mechanics
References
6- blog.ostorlab.co/zip-packages-exploitation.htmlnvdExploitThird Party AdvisoryWEB
- github.com/marmelroy/Zip/issues/245nvdExploitIssue TrackingVendor AdvisoryWEB
- ostorlab.co/vulndb/advisory/OVE-2023-1nvdExploitThird Party AdvisoryWEB
- github.com/advisories/GHSA-g454-wj9r-jpg4ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2023-39135ghsaADVISORY
- security.snyk.io/research/zip-slip-vulnerabilitynvdThird Party AdvisoryWEB
News mentions
0No linked articles in our index yet.