GHSA-hf5p-q87m-crj7: Junrar: Path Traversal (Zip-Slip) via Sibling Directory Name Prefix
A path traversal vulnerability in LocalFolderExtractor allows an attacker to write arbitrary files with attacker-controlled content into sibling directories when a crafted RAR archive is extracted.
References
Code Behaviors & Features
Detect and mitigate GHSA-hf5p-q87m-crj7 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →