github.com/unknwon/cae/zip is vulnerable to arbitrary file write (Zip Slip). Lack of sanitization of the zip archive's file path (destPath) in the function ExtractToFunc, for file names with a leading or non-leading “…”, allows a malicious user to overwrite files system-wide.