| module = "github.com/yi-ge/unzip" |
| |
| description = """ |
| Malicious Zip archives can be crafted that contain relative file paths, |
| such that arbitary files outside of the target directory may be overwritten. |
| """ |
| |
| symbols = ["Unzip.Extract"] |
| |
| published = "2021-04-14T12:00:00Z" |
| |
| [[versions]] |
| fixed = "v1.0.3-0.20200308084313-2adbaa4891b9" |
| |
| [links] |
| commit = "https://github.com/yi-ge/unzip/commit/2adbaa4891b9690853ef10216189189f5ad7dc73" |
| pr = "https://github.com/yi-ge/unzip/pull/1" |
| context = ["https://snyk.io/research/zip-slip-vulnerability"] |