Path Traversal
MONAI is vulnerable to a Path Traversal. The vulnerability is due to the use of zipfile.ZipFile.extractall without proper path validation in the downloadfromngcprivate function, which allows an attacker to craft a malicious ZIP archive that writes files outside the intended extraction directory a...