OS command injection
Parsing a file with a malicious name leads to arbitrary OS command injection, this is especially risky when parsing user-supplied files on a server (e.g. uploaded files).
Advisories for Pypi/Textract package
2016
Parsing a file with a malicious name leads to arbitrary OS command injection, this is especially risky when parsing user-supplied files on a server (e.g. uploaded files).