Arbitrary File Write via Archive Extractionunzipper
unzipper before 0.8.13 are vulnerable to arbitrary file write when used to extract a specifically crafted archive that contains path traversal filenames (
../../file.txt for example).
Update to version 0.3.18 or later.
Have content suggestions? Send them to [email protected]