CVE-2020-23171

A vulnerability in all versions of Nim-lang allows unauthenticated attackers to write files to arbitrary directories via a crafted zip file with dot-slash characters included in the name of the crafted file. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt