github.com/mholt/archiver is vulnerable to arbitrary file write attacks. The vulnerability exists as the library does not properly sanitize the destination filepath when extracting archived files, allowing a malicious user to extract files to an arbitrary filepath and overwrite files.
CPE | Name | Operator | Version |
---|---|---|---|
github.com/mholt/archiver | eq | HEAD | |
github.com/mholt/archiver | le | v3.3.1 |