1. 8
  1.  

  2. 2

    If you want a safe alternative, try Unblob https://unblob.org!

    Our researcher Quentin fixed these vulnerabilities very early on, even in external tools: https://github.com/onekey-sec/unblob/issues?q=is%3Aissue+is%3Aclosed+traversal

    He even found a problem with Python standard library tarfile!

    We forked extraction tools we use in Unblob just to be able to fix these path traversal vulnerabilities!