RELEASED: Public: June 25, 2025
Security fixes
Fixed path traversal vulnerability in tar.gz extraction (BEE-56974): Fixed a security vulnerability where malicious tar.gz files could write files outside the intended extraction directory. This could potentially allow remote code execution. The extraction process now validates file paths to prevent path traversal attacks.