0.004 Low
EPSS
Percentile
74.5%
rubyzip is vulnerable to directory traversals. A malicious user can prepend ../ to the file’s directory path to traverse the directory to create and overwrite arbitrary files.
../
www.debian.org/security/2017/dsa-3801
www.securityfocus.com/bid/96445
github.com/rubyzip/rubyzip/issues/315
github.com/rubyzip/rubyzip/releases