EPSS
Percentile
24.7%
zziplib is vulnerable to arbitrary file writes. The library does not properly sanitize file paths, allowing a malicious user to overwrite arbitrary files on the system by passing a zip file with .. in it.
..
github.com/gdraheim/zziplib/issues/62