CVE-2020-12265
The CVE-2020-12265 entry concerns the Node.js decompress package before version 4.2.1. Root cause: Directory Traversal via ../ in an archive member when a symlink is used, allowing Arbitrary File Write. Affected software: decompress (Node.js) prior to 4.2.1. Impact statements in the connected doc...