| Release | Version |
|---|---|
| buster | 3.1.4+dfsg-1+deb10u1 |
| bullseye | 3.5.0+dfsg-2 |
| bookworm | 3.10.1+dfsg-1 |
| trixie | 3.10.1+dfsg-2 |
| sid | 3.10.1+dfsg-2 |
| Bug | buster | bullseye | bookworm | trixie | sid | Description |
|---|---|---|---|---|---|---|
| CVE-2022-48285 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | loadAsync in JSZip before 3.8.0 allows Directory Traversal via a craft ... |
| Bug | Description |
|---|---|
| CVE-2021-23413 | This affects the package jszip before 3.7.0. Crafting a new zip file w ... |