Ximin Luo

Name of the Vulnerable Software and Affected Versions: diffoscope versions prior to 77 Description: The issue is related to a lack of necessary checks when analyzing archives, which can be exploited by a remote attacker to write data to arbitrary locations on disk using a specially crafted archive. This can potentially lead to unauthorized data modification. Recommendations: For versions prior to 77, update to version 77 or later to resolve the issue. As a temporary workaround, consider restricting the use of diffoscope when analyzing untrusted archives until a patch is applied. Avoid using diffoscope to analyze archives from untrusted sources to minimize the risk of exploitation.