Build software better, together

Security Advisories

View information about security vulnerabilities from this repository's maintainers.

Arbitrary file write through entry point names
GHSA-4gg8-gxpx-9rph published May 18, 2026 by zanieb

Moderate
Abitrary file deletion through RECORD entries
GHSA-pjjw-68hj-v9mw published Apr 9, 2026 by zanieb

Low
ZIP payload obfuscation through parsing differentials
GHSA-pqhf-p39g-3x64 published Oct 29, 2025 by woodruffw

Moderate
Differential in tar extraction with PAX headers
GHSA-w476-p2h3-79g9 published Oct 21, 2025 by woodruffw

Low
Path traversal in tar extraction
GHSA-7j9j-68r2-f35q published Sep 23, 2025 by woodruffw

Low
ZIP payload obfuscation through parsing differentials
GHSA-8qf3-x8v5-2pj8 published Aug 7, 2025 by woodruffw

Moderate