Lucene search
GoogleOSV:CVE-2022-48285HistoryJan 29, 2023 - 5:15 a.m.
CVE-2022-48285
2023-01-2905:15:10
Google
osv.dev
9
jszip
directory traversal
vulnerability
zip archive
7.3 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
6.9 Medium
AI Score
Confidence
High
0.006 Low
EPSS
Percentile
79.3%
loadAsync in JSZip before 3.8.0 allows Directory Traversal via a crafted ZIP archive.
Related
ibm
ibm
debiancve
debiancve
CVE-2022-48285
2023-01-29 05:15:10
redhatcve
redhatcve
CVE-2022-48285
2023-01-31 05:35:23
prion
prion
Directory traversal
2023-01-29 05:15:00
cve
cve
CVE-2022-48285
2023-01-29 05:15:10
veracode
veracode
Directory Traversal
2023-02-06 04:51:43
osv
osv
JSZip contains Path Traversal via loadAsync
2023-01-29 06:30:52
cbl_mariner
cbl_mariner
CVE-2022-48285 affecting package mozjs for versions less than 102.15.1-1
2024-03-19 17:21:46
CVE-2022-48285 affecting package mozjs60 60.9.0-11
2023-07-28 23:16:55
nvd
nvd
CVE-2022-48285
2023-01-29 05:15:10
github
github
JSZip contains Path Traversal via loadAsync
2023-01-29 06:30:52
cvelist
cvelist
CVE-2022-48285
2023-01-29 00:00:00
ubuntucve
ubuntucve
CVE-2022-48285
2023-01-29 00:00:00
nessus
nessus
RHEL 8 : jszip (Unpatched Vulnerability)
2024-05-11 00:00:00
Oracle Primavera Unifier (Jul 2023 CPU)
2023-07-26 00:00:00
Oracle Primavera Gateway (Jul 2023 CPU)
2023-07-19 00:00:00
redhat
redhat
oracle
oracle
Oracle Critical Patch Update Advisory - October 2023
2023-10-17 00:00:00
Oracle Critical Patch Update Advisory - July 2023
2023-07-18 00:00:00
7.3 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
6.9 Medium
AI Score
Confidence
High
0.006 Low
EPSS
Percentile
79.3%
Related for OSV:CVE-2022-48285