1. 8
    1. 2

      If you want a safe alternative, try Unblob https://unblob.org!

      Our researcher Quentin fixed these vulnerabilities very early on, even in external tools: https://github.com/onekey-sec/unblob/issues?q=is%3Aissue+is%3Aclosed+traversal

      He even found a problem with Python standard library tarfile!

      We forked extraction tools we use in Unblob just to be able to fix these path traversal vulnerabilities!