Fix Zip Slip vulnerability in NGC private bundle download

[yueyueL]

Replaced the unsafe zipfile.extractall() in _download_from_ngc_private with MONAI's safe extraction utility. Prevents path traversal via crafted zip member paths (CWE-22).

Description

This changes _download_from_ngc_private() to use the same safe zip extraction path as the other bundle download sources. The previous code used ZipFile.extractall() directly, which could allow Zip Slip path traversal if a malicious archive is downloaded. Now extraction validates member paths and keeps writes within the target directory.

[coderabbitai]

📝 Walkthrough

Walkthrough

Imported _extract_zip from monai.apps.utils into monai/bundle/scripts.py. Replaced the inline zipfile.ZipFile extraction in _download_from_ngc_private with a call to _extract_zip(zip_path, extract_path). Post-extraction logging remains unchanged.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

Pre-merge checks and finishing touches

❌ Failed checks (1 warning, 1 inconclusive)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 50.00% which is insufficient. The required threshold is 80.00%.	You can run @coderabbitai generate docstrings to improve docstring coverage.
Description check	❓ Inconclusive	Description covers the fix and security rationale, but lacks checkbox completion for changesets types and testing requirements per the template.	Complete the checklist section with appropriate selections for change type and testing status to match the repository template.

✅ Passed checks (1 passed)

Check name	Status	Explanation
Title check	✅ Passed	Title accurately summarizes the main security fix—replacing unsafe zip extraction with safe utility to prevent Zip Slip vulnerability.

✨ Finishing touches

• 📝 Generate docstrings

---

📜 Recent review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Cache: Disabled due to data retention organization setting

Knowledge base: Disabled due to Reviews -> Disable Knowledge Base setting

📥 Commits

Reviewing files that changed from the base of the PR and between a334b62 and 4daa3d3.

📒 Files selected for processing (1)

• monai/bundle/scripts.py

🚧 Files skipped from review as they are similar to previous changes (1)

• monai/bundle/scripts.py

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[Copilot]

Pull request overview

This PR fixes a critical Zip Slip vulnerability (CWE-22) in the NGC private bundle download functionality by replacing the unsafe zipfile.extractall() call with MONAI's secure _extract_zip() utility that validates member paths and prevents path traversal attacks.

Key Changes:

• Replaced direct use of zipfile.extractall() with the safe _extract_zip() utility function
• Added import for _extract_zip from monai.apps.utils

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[ericspod]

Looks good to me, please look at the DCO resolution process, the other CICD issues are being worked on elsewhere so we'll have to wait on that.

[KumoLiu]

/build

[Copilot]

Pull request overview

Copilot reviewed 1 out of 1 changed files in this pull request and generated no new comments.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[yueyueL]

@KumoLiu The blossom-ci shows success (https://github.com/Project-MONAI/MONAI/actions/runs/20713670102) but hasn't updated on the PR. Could you help resolve this?

[KumoLiu]

/build

[KumoLiu]

@KumoLiu The blossom-ci shows success (https://github.com/Project-MONAI/MONAI/actions/runs/20713670102) but hasn't updated on the PR. Could you help resolve this?

retriggered, looks like network issue.