A ZipSlip vulnerability exists when using the fileutil package to unzip files.
{ "review_status": "REVIEWED", "url": "https://pkg.go.dev/vuln/GO-2022-1114" }
{ "imports": [ { "symbols": [ "UnZip" ], "path": "github.com/duke-git/lancet/fileutil" } ] }
{ "imports": [ { "symbols": [ "UnZip" ], "path": "github.com/duke-git/lancet/v2/fileutil" } ] }