Lucene search
SnykCVELIST:CVE-2018-1002204HistoryJul 25, 2018 - 5:00 p.m.
CVE-2018-1002204
2018-07-2517:00:00
CWE-22
snyk
www.cve.org
1
adm-zip npm library before 0.4.9 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a …/ (dot dot slash) in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as ‘Zip-Slip’.
CNA Affected
[
{
"product": "adm-zip",
"vendor": "node.js",
"versions": [
{
"lessThan": "0.4.9",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]Related
github
github
Arbitrary File Write in adm-zip
2018-07-27 17:07:14
osv
osv
Arbitrary File Write in adm-zip
2018-07-27 17:07:14
CVE-2018-1002204
2018-07-25 17:29:01
veracode
veracode
Arbitrary File Write
2018-06-06 08:19:39
nodejs
nodejs
Arbitrary File Write via Archive Extraction
2018-08-03 15:15:42
Arbitrary File Write
2019-06-18 23:54:04
cve
cve
CVE-2018-1002204
2018-07-25 17:29:01
hackerone
hackerone
Node.js third-party modules: Arbitrary File Write Through Archive Extraction
2018-06-05 15:58:26
prion
prion
Directory traversal
2018-07-25 17:29:00
nvd
nvd
CVE-2018-1002204
2018-07-25 17:29:01
checkpoint_advisories
checkpoint_advisories
f5
f5
K64709522 : Multiple Zip Slip vulnerabilities
2018-08-03 00:00:00
5.8 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
47.6%
Related for CVELIST:CVE-2018-1002204