Headline
GHSA-r285-q736-9v95: Filename spoofing in archive
An issue in Archive v3.3.7 allows attackers to spoof zip filenames which can lead to inconsistent filename parsing.
Filename spoofing in archive
Low severity GitHub Reviewed Published Aug 31, 2023 to the GitHub Advisory Database • Updated Aug 31, 2023
Related news
CVE-2023-39139: Ostorlab: Mobile App Security Testing for Android and iOS
An issue in Archive v3.3.7 allows attackers to execute a path traversal via extracting a crafted zip file.