CVE-2022-48285 Information

Jan 30, 2023 cve

Description

loadAsync in JSZip before 3.8.0 allows Directory Traversal via a crafted ZIP archive.

Reference

https://github.com/Stuk/jszip/compare/v3.7.1…v3.8.0 https://www.mend.io/vulnerability-database/WS-2023-0004 https://exchange.xforce.ibmcloud.com/vulnerabilities/244499 https://github.com/Stuk/jszip/commit/2edab366119c9ee948357c02f1206c28566cdf15

Share on: