0.001 Low
EPSS
Percentile
47.6%
Versions of adm-zip before 0.4.9 are vulnerable to arbitrary file write when used to extract a specifically crafted archive that contains path traversal filenames (../../file.txt for example).
adm-zip
../../file.txt
Update to version 0.4.9 or later.