VYPR

Extract

by Codeclysm

Source repositories

CVEs (2)

  • CVE-2024-47877Oct 11, 2024
    risk 0.00cvss epss 0.01

    Extract is aA Go library to extract archives in zip, tar.gz or tar.bz2 formats. A maliciously crafted archive may allow an attacker to create a symlink outside the extraction target directory. This vulnerability is fixed in 4.0.0. If you're using the Extractor.FS interface, then…

  • CVE-2019-12739Jun 5, 2019
    risk 0.00cvss epss 0.03

    lib/Controller/ExtractionController.php in the Extract add-on before 1.2.0 for Nextcloud allows Remote Code Execution via shell metacharacters in a RAR filename via ajax/extractRar.php (nameOfFile and directory parameters).