Vigilance.fr - sbt: directory traversal via IO.unzip(), analyzed on 22/11/2023
January 2024 by Vigilance.fr
An attacker can traverse directories of sbt, via IO.unzip(), in order to write a file outside the service root path.
Plus d'information sur : https://vigilance.fr/vulnerability/sbt-directory-traversal-via-IO-unzip-42950