2 matches found
CVE-2018-3782
...
CVE-2018-3782
CVE-2018-3782 is a reservation duplicate of CVE-2018-1002203. Connected details confirm that unzipper (npm) prior to 0.8.13 is vulnerable to directory traversal (Zip-Slip), allowing arbitrary file write during archive extraction. The vulnerability affects unzipper before 0.8.13; remediation is to...