2 matches found
CVE-2020-36561
Due to improper path sanitization, archives containing relative file paths can cause files to be written or overwritten outside of the target directory...
CVE-2020-36561
CVE-2020-36561 is a path-traversal vulnerability in the unzip library used by github.com/yi-ge/unzip (go-unzip). The root cause is improper path sanitization that allows archives containing relative file paths to write or overwrite files outside the target directory. Documents indicate the issue ...