Malicious code in uzip (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 ee20087db4a86ce68765ba8046732e8f1fc906c58a0303e836429a63788dc97f During initialization of the archive-support class, the package starts code from another file and downloads multi-stage malware --- Category: MALICIOUS - The...

Path traversal

This affects all versions of package github.com/u-root/u-root/pkg/uzip. It is vulnerable to both leading and non-leading relative path traversal attacks in zip file extraction...

CVE-2020-7665 Arbitrary File Write via Archive Extraction (Zip Slip)

This affects all versions of package github.com/u-root/u-root/pkg/uzip. It is vulnerable to both leading and non-leading relative path traversal attacks in zip file extraction...

PT-2020-19693 · U Root · U-Root

Name of the Vulnerable Software and Affected Versions: u-root versions affected versions not specified Description: The issue concerns path traversal attacks, specifically both leading and non-leading relative path traversal, in zip file extraction. This affects the u-root package, particularly i...