Mostafa-Samir/zip-local

Mostafa-Samir/zip-local

GitHubGitHub
GitHubgithub.com
Releases0
Stars119
very simple zipping/uzipping of local files and directories in node.js
Log in to subscribe

CVE History

CVEPublishedCVSS v3CVSS v2
CVE-2021-23484
9.8 CRITICAL7.5 HIGH

The package zip-local before 0.3.5 are vulnerable to Arbitrary File Write via Archive Extraction (Zip Slip) which can lead to an extraction of a crafted file outside the intended extraction directory.