Vulnerabilities > Compression AND Archive Extensions Project

DATE CVE VULNERABILITY TITLE RISK
2020-06-23 CVE-2020-7664 Path Traversal vulnerability in Compression and Archive Extensions Project Compression and Archive Extensions ZIP Project
In all versions of the package github.com/unknwon/cae/zip, the ExtractTo function doesn't securely escape file paths in zip archives which include leading or non-leading "..".
7.5