CVE-2023-5938 Path traversal via 'zip slip' in Arc before v1.6.0
Multiple functions use archives without properly validating the filenames therein, rendering the application vulnerable to path traversal via 'zip slip' attacks. An administrator able to provide tampered archives to be processed by the affected versions of Arc may be able to have arbitrary files...