Количество 4
Количество 4
CVE-2018-1002204
adm-zip npm library before 0.4.9 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'.
CVE-2018-1002204
adm-zip npm library before 0.4.9 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'.
GHSA-3v6h-hqm4-2rg6
Arbitrary File Write in adm-zip
BDU:2018-00938
Уязвимость функции extractDir библиотеки Node.js для работы с zip-файлами Adm-zip, позволяющая нарушителю выполнить произвольный код
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2018-1002204 adm-zip npm library before 0.4.9 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'. | CVSS3: 5.3 | 18% Средний | около 11 лет назад |
 | CVE-2018-1002204 adm-zip npm library before 0.4.9 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'. | CVSS3: 5.5 | 18% Средний | больше 7 лет назад |
| GHSA-3v6h-hqm4-2rg6 Arbitrary File Write in adm-zip | CVSS3: 5.5 | 18% Средний | больше 7 лет назад |
 | BDU:2018-00938 Уязвимость функции extractDir библиотеки Node.js для работы с zip-файлами Adm-zip, позволяющая нарушителю выполнить произвольный код | CVSS3: 9.6 | 18% Средний | больше 7 лет назад |
Уязвимостей на страницу