Akane0721

**Name of the Vulnerable Software and Affected Versions** minizip-ng version 4.0.2 **Description** The issue is related to a Buffer Overflow vulnerability in the `mz path has slash()` function, located in the `mz os.c` file, which can be exploited by an attacker using a crafted file. This could allow a remote attacker to execute arbitrary code. **Recommendations** For minizip-ng version 4.0.2, consider disabling the `mz path has slash()` function until a patch is available to prevent potential exploitation.

**Name of the Vulnerable Software and Affected Versions** minizip-ng version 4.0.2 **Description** The issue is related to a Buffer Overflow in the `mz path resolve` function, located in the `mz os.c` file, which can be exploited by an attacker using a crafted file. This could allow a remote attacker to execute arbitrary code. The `mz path resolve` function is part of the minizip-ng library, used for working with zip files. **Recommendations** For minizip-ng version 4.0.2, consider disabling the `mz path resolve` function until a patch is available to prevent potential exploitation. Restrict access to the `mz os.c` file and related components to minimize the risk of arbitrary code execution. Avoid using the `mz path resolve` function with untrusted input until the issue is resolved.