CVE Identifier: CVE-2017-0359 Vulnerability Description: - diffoscope writes to arbitrary locations on disk based on the contents of an untrusted archive. - This issue could be exploited to write files to arbitrary locations, potentially leading to privilege escalation or other security risks. Package Affected: diffoscope Source Version Reporting: - Version 67 (affected) - Fixed in version 77 CVE Identifier Mentioned: - CVE-2017-0359 is mentioned in the bug report. Exploit Example: - The bug report includes a technical explanation and example code (Python) showing how the vulnerability can be exploited by manipulating file paths. This code illustrates how the software's failure to sanitize filenames can be exploited to write to arbitrary locations.