Release | Version |
---|---|
buster | 3.1.4+dfsg-1+deb10u1 |
bullseye | 3.5.0+dfsg-2 |
bookworm | 3.10.1+dfsg-1 |
trixie | 3.10.1+dfsg-2 |
sid | 3.10.1+dfsg-2 |
Bug | buster | bullseye | bookworm | trixie | sid | Description |
---|---|---|---|---|---|---|
CVE-2022-48285 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | loadAsync in JSZip before 3.8.0 allows Directory Traversal via a craft ... |
Bug | Description |
---|---|
CVE-2021-23413 | This affects the package jszip before 3.7.0. Crafting a new zip file w ... |