The NewReader and OpenReader functions in archive/zip can cause a panic or an unrecoverable fatal error when reading an archive that claims to contain a large number of files, regardless of its actual size. This is caused by an incomplete fix for CVE-2021-33196.
7.7 High
AI Score
Confidence
0.003 Low
EPSS
Percentile
65.8%