PublicArchive/cpython
2
0
Fork 0
mirror of https://github.com/python/cpython.git synced 2026-05-06 12:49:07 -04:00
Code Issues Packages Projects Releases Wiki Activity
Files
fc390bdceee66fff17cfb80d23235e7bb0b429dd
cpython/Lib/zipfile
T
History
Miss Islington (bot) b01e594fbe [3.14] gh-146581: Fix vulnerability in shutil.unpack_archive() for ZIP files on Windows (GH-146591) (GH-149064) 
Use ZipFile.extractall() to sanitize file names and extract files.

Files with invalid names (e.g. absolute paths) are now skipped.

Files containing ".." in the name are no longer skipped.
(cherry picked from commit fc829e8875)

Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
2026-04-27 22:55:02 +03:00
..
_path
__init__.py
[3.14] gh-146581: Fix vulnerability in shutil.unpack_archive() for ZIP files on Windows (GH-146591) (GH-149064)
2026-04-27 22:55:02 +03:00
__main__.py