{
  "WorkItem": {
    "AffectedComponent": {
      "Name": "",
      "DisplayName": ""
    },
    "ClosedComment": "",
    "ClosedDate": null,
    "CommentCount": 0,
    "Custom": null,
    "Description": "ZIP files can contain relative paths including \"..\". This allows an attacker to write in any folder the current process may access.\n\nI propose to add a checking function that makes sure files to be written must be in or below the working folder.",
    "LastUpdatedDate": "2014-02-21T07:49:14.937-08:00",
    "PlannedForRelease": "",
    "ReleaseVisibleToPublic": false,
    "Priority": {
      "Name": "Unassigned",
      "Severity": 0,
      "Id": 0
    },
    "ProjectName": "DotNetZip",
    "ReportedDate": "2014-02-21T07:49:14.937-08:00",
    "Status": {
      "Name": "Proposed",
      "Id": 1
    },
    "ReasonClosed": {
      "Name": "Unassigned"
    },
    "Summary": "Security issue: relative paths can be used to write outsite of the working folder",
    "Type": {
      "Name": "Unassigned",
      "Id": 5
    },
    "VoteCount": 1,
    "Id": 16718
  },
  "FileAttachments": [],
  "Comments": []
}