cb
cvebase
.
~
/
products
/
node.js
/
adm-zip
Search CVEs, products, detections…
⌘K
pipeline live
Digest
Docs
Home
/
Products
/
node.js
/
Node.Js Adm-Zip
Node.Js Adm-Zip vulnerabilities
1 known vulnerability affecting
node.js/adm-zip
.
Track
Version
All versions
Total CVEs
1
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
MEDIUM
1
Vulnerabilities
Sort
Most important
Highest Priority
Highest EPSS
Highest CVSS
Newest
Oldest
Page 1 of 1
CVE-2018-1002204
P3
MEDIUM
CVSS 5.5
≥ unspecified, < 0.4.9
2018-07-25
CVE-2018-1002204 [MEDIUM] CWE-22 CVE-2018-1002204: adm-zip npm library before 0.4.9 is vulnerable to directory traversal, allowing attackers to write t adm-zip npm library before 0.4.9 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'.
nvd
Node.Js Adm-Zip vulnerabilities | cvebase