Vulnerabilities > Decompress Project

DATE	CVE	VULNERABILITY TITLE	RISK
2020-04-26	CVE-2020-12265	Link Following vulnerability in Decompress Project Decompress The decompress package before 4.2.1 for Node.js is vulnerable to Arbitrary File Write via ../ in an archive member, when a symlink is used, because of Directory Traversal. network low complexity decompress-project CWE-59 critical	9.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.

Vulnerabilities > Decompress Project {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Decompress Project"}]}

Vulnerabilities > Decompress Project