Описание
Unzip vulnerable to path traversal
Due to improper path sanitization, archives containing relative file paths can cause files to be written (or overwritten) outside of the target directory.
Пакеты
Наименование
github.com/yi-ge/unzip
go
Затронутые версииВерсия исправления
< 1.0.3-0.20200308084313-2adbaa4891b9
1.0.3-0.20200308084313-2adbaa4891b9
Связанные уязвимости
CVSS3: 9.1
nvd
около 3 лет назад
Due to improper path sanitization, archives containing relative file paths can cause files to be written (or overwritten) outside of the target directory.