hutool-core is vulnerable to directory traversal. There is a lack of validation in the filenme when a ZIP archive is unzipped, which would allow remote attackers to overwrite arbitrary files using the ../
characters in a filename within the ZIP archive.