Jszip Security Vulnerabilities and Issues — Jszip CVE List

Lucene search

Jszip ProjectJszip

2 matches found

CVE•added 2023/01/29 5:15 a.m.•170 views

CVE-2022-48285

loadAsync in JSZip before 3.8.0 allows Directory Traversal via a crafted ZIP archive.

7.3CVSS6.8AI score0.00825EPSS

CVE•added 2021/07/25 1:15 p.m.•109 views

CVE-2021-23413

This affects the package jszip before 3.7.0. Crafting a new zip file with filenames set to Object prototype values (e.g proto , toString, etc) results in a returned object with a modified prototype instance.

5.3CVSS5AI score0.00236EPSS