Path Traversal
The adm-zip npm library is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ in a Zip archive entry that is mishandled during extraction.
Advisories for Npm/Adm-Zip package
2018
The adm-zip npm library is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ in a Zip archive entry that is mishandled during extraction.