Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2018-1002203

unzipper npm library before 0.8.13 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.028
EPSS Ranking 85.6%
CVSS Severity
CVSS v3 Score 5.5
CVSS v2 Score 4.3
Products affected by CVE-2018-1002203


Contact Us

Shodan ® - All rights reserved