CVE-2024-35744

Name of the Vulnerable Software and Affected Versions Upunzipper versions n/a through 1.0.0

Description The issue affects Ravidhu Dissanayake Upunzipper, allowing Path Traversal and File Manipulation due to an Improper Limitation of a Pathname to a Restricted Directory. This enables unauthorized access and file manipulation.

Recommendations For Upunzipper versions n/a through 1.0.0, consider restricting access to sensitive directories and files to minimize the risk of exploitation until a patch is available. As a temporary workaround, avoid using the Upunzipper for sensitive operations until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.