CVE-2017-5946
CVE-2017-5946 – Rubyzip directory traversal vulnerability : The Zip::File component of the rubyzip gem for Ruby (pre-1.2.1) allows a ZIP archive to write files outside the target directory when a ZIP upload contains paths with "..". This enables arbitrary file writes on the filesystem if a site p...