We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
When using the Extract() method of unzip-stream, malicious zip files were able to write to paths they shouldn't be allowed to.
Extract()
Fixed in 0.3.4
Justin Taft from Google
Impact
When using the
Extract()method of unzip-stream, malicious zip files were able to write to paths they shouldn't be allowed to.Patches
Fixed in 0.3.4
References
Credits
Justin Taft from Google