CVE-2021-23484

Published
View on NVD ↗
CVSS v3
9.8
CRITICAL
CVSS v2
7.5
HIGH
Affected
1
PROJECT

Description

The package zip-local before 0.3.5 are vulnerable to Arbitrary File Write via Archive Extraction (Zip Slip) which can lead to an extraction of a crafted file outside the intended extraction directory.

Mostafa-Samir/zip-local
Mostafa-Samir/zip-local
very simple zipping/uzipping of local files and directories in node.js
GitHubGitHub
119