Security
Headlines
HeadlinesLatestCVEs

Headline

GHSA-r285-q736-9v95: Filename spoofing in archive

An issue in Archive v3.3.7 allows attackers to spoof zip filenames which can lead to inconsistent filename parsing.

ghsa
#git

Filename spoofing in archive

Low severity GitHub Reviewed Published Aug 31, 2023 to the GitHub Advisory Database • Updated Aug 31, 2023

Related news

CVE-2023-39139: Ostorlab: Mobile App Security Testing for Android and iOS

An issue in Archive v3.3.7 allows attackers to execute a path traversal via extracting a crafted zip file.