The vulnerability of the PSDInput::decompress_zip_prediction() function in the src/psd.imageio/psdinput.cpp module of the OpenImageIO library allows a attacker to compromise the integrity of the protected information or cause service failures.

The vulnerability of the PSDInput::decompresszipprediction function in the src/psd.imageio/psdinput.cpp module of the OpenImageIO library is related to integer overflow. Exploiting this vulnerability could allow an attacker to compromise the integrity of protected information or cause service...

@achingbrain/ngrok (=0.2.2), @atomist/sdm-automation (>=0.1.16 <=0.1.59-master.20200611224542) +605 more potentially affected by unknown CVE via decompress-zip (>=0.0.2 <=0.2.0)

decompress-zip NPM version =0.0.2, =0.1.16, =14.0.5, =0.1.2, =1.2.6, =1.0.1, =1.0.0, =1.1.1, =5.0.1, =1.0.0, =5.2.1, =5.3.0 - @paulcbetts/squirrel-windows =1.2.1 - @pgswe/ics.js =0.1.3 and more Source cves: unknown CVE Source advisory: OSV:GHSA-73V8-V6G4-VRPM...

Arbitrary File Overwrite in decompress-zip

Vulnerable versions of decompress-zip are affected by the Zip-Slip vulnerability, an arbitrary file write vulnerability. The vulnerability occurs because decompress-zip does not verify that extracted files do not resolve to targets outside of the extraction root directory. Recommendation For...

@angular/benchpress (=0.1.0), @camptocamp/closure-util (>=1.20.0 <=1.27.0) +141 more potentially affected by unknown CVE via decompress-zip (>=0.3.0 <=0.3.1)

decompress-zip NPM version =0.3.0, =1.20.0, =0.4.0, =0.4.0, =0.5.0-beta.2, =1.36.0, =0.0.1, =3.6.0, =1.0.0, =0.1.0, =0.1.3 and more Source cves: unknown CVE Source advisory: OSV:GHSA-73V8-V6G4-VRPM...

GHSA-73V8-V6G4-VRPM Arbitrary File Overwrite in decompress-zip

Vulnerable versions of decompress-zip are affected by the Zip-Slip vulnerability, an arbitrary file write vulnerability. The vulnerability occurs because decompress-zip does not verify that extracted files do not resolve to targets outside of the extraction root directory. Recommendation For...

Arbitrary File Overwrite

Overview Vulnerable versions of decompress-zip are affected by the Zip-Slip vulnerability, an arbitrary file write vulnerability. The vulnerability occurs because decompress-zip does not verify that extracted files do not resolve to targets outside of the extraction root directory. Recommendation...