2 matches found
CVE-2021-23391
CVE-2021-23391 affects all versions of the NodeJS CMS calipso . The vulnerability is an Arbitrary File Write via Archive Extraction (Zip Slip) , exploitable through the module install functionality to overwrite files on the target filesystem. Root cause appears to be unsafe archive extraction all...
CVE-2021-23391 Arbitrary File Write via Archive Extraction (Zip Slip)
This affects all versions of package calipso. It is possible for a malicious module to overwrite files on an arbitrary file system through the module install functionality...