CVE-2023-39138
ZIPFoundation v0.9.16 is vulnerable to a path traversal when extracting crafted ZIP archives, enabling writing outside the target directory. The issue is documented across multiple sources (GitHub GHSA- and OSV entries and CVE-2023-39138) and is triggered during extraction of crafted files, with ...