Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: GSA_kwCzR0hTQS04bTM2LTYycnctOW14d84AA5Pv
mapshaper Path Traversal vulnerability
Path Traversal in GitHub repository mbloch/mapshaper prior to 0.6.44.
Permalink: https://github.com/advisories/GHSA-8m36-62rw-9mxwJSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS04bTM2LTYycnctOW14d84AA5Pv
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Moderate
Classification: General
Published: 3 months ago
Updated: 2 months ago
CVSS Score: 6.8
CVSS vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L
Identifiers: GHSA-8m36-62rw-9mxw, CVE-2024-1163
References:
- https://nvd.nist.gov/vuln/detail/CVE-2024-1163
- https://github.com/mbloch/mapshaper/commit/7437d903c0a87802c3751fc529d2de7098094c72
- https://huntr.com/bounties/c1cbc18b-e4ab-4332-ad13-0033f0f976f5
- https://github.com/advisories/GHSA-8m36-62rw-9mxw
Blast Radius: 14.4
Affected Packages
npm:mapshaper
Dependent packages: 30Dependent repositories: 129
Downloads: 49,744 last month
Affected Version Ranges: < 0.6.44
Fixed in: 0.6.44
All affected versions: 0.1.3, 0.1.4, 0.1.5, 0.1.6, 0.1.7, 0.1.8, 0.1.9, 0.1.10, 0.1.11, 0.1.12, 0.1.13, 0.1.14, 0.1.15, 0.1.16, 0.1.17, 0.1.18, 0.1.19, 0.2.0, 0.2.1, 0.2.2, 0.2.3, 0.2.4, 0.2.5, 0.2.6, 0.2.7, 0.2.8, 0.2.9, 0.2.10, 0.2.11, 0.2.12, 0.2.13, 0.2.14, 0.2.15, 0.2.16, 0.2.17, 0.2.18, 0.2.19, 0.2.20, 0.2.21, 0.2.22, 0.2.23, 0.2.24, 0.2.25, 0.2.26, 0.2.27, 0.2.28, 0.3.0, 0.3.1, 0.3.2, 0.3.3, 0.3.4, 0.3.5, 0.3.6, 0.3.7, 0.3.8, 0.3.9, 0.3.10, 0.3.11, 0.3.12, 0.3.13, 0.3.14, 0.3.15, 0.3.16, 0.3.17, 0.3.18, 0.3.19, 0.3.20, 0.3.21, 0.3.22, 0.3.23, 0.3.24, 0.3.25, 0.3.26, 0.3.27, 0.3.28, 0.3.29, 0.3.30, 0.3.31, 0.3.32, 0.3.33, 0.3.34, 0.3.35, 0.3.36, 0.3.37, 0.3.38, 0.3.39, 0.3.40, 0.3.41, 0.3.42, 0.3.43, 0.4.0, 0.4.1, 0.4.2, 0.4.3, 0.4.4, 0.4.5, 0.4.6, 0.4.7, 0.4.8, 0.4.9, 0.4.10, 0.4.11, 0.4.12, 0.4.13, 0.4.14, 0.4.15, 0.4.16, 0.4.17, 0.4.18, 0.4.19, 0.4.20, 0.4.21, 0.4.22, 0.4.23, 0.4.24, 0.4.25, 0.4.26, 0.4.27, 0.4.28, 0.4.29, 0.4.30, 0.4.31, 0.4.32, 0.4.33, 0.4.34, 0.4.35, 0.4.36, 0.4.37, 0.4.38, 0.4.39, 0.4.40, 0.4.41, 0.4.42, 0.4.43, 0.4.44, 0.4.45, 0.4.46, 0.4.47, 0.4.48, 0.4.49, 0.4.50, 0.4.51, 0.4.52, 0.4.53, 0.4.54, 0.4.55, 0.4.56, 0.4.57, 0.4.58, 0.4.59, 0.4.60, 0.4.61, 0.4.62, 0.4.63, 0.4.64, 0.4.65, 0.4.66, 0.4.67, 0.4.68, 0.4.69, 0.4.70, 0.4.71, 0.4.72, 0.4.73, 0.4.74, 0.4.75, 0.4.76, 0.4.77, 0.4.78, 0.4.79, 0.4.80, 0.4.81, 0.4.82, 0.4.83, 0.4.84, 0.4.85, 0.4.86, 0.4.87, 0.4.88, 0.4.89, 0.4.90, 0.4.91, 0.4.92, 0.4.93, 0.4.94, 0.4.95, 0.4.96, 0.4.97, 0.4.98, 0.4.99, 0.4.100, 0.4.101, 0.4.102, 0.4.103, 0.4.104, 0.4.105, 0.4.106, 0.4.107, 0.4.108, 0.4.109, 0.4.110, 0.4.111, 0.4.112, 0.4.113, 0.4.114, 0.4.115, 0.4.116, 0.4.117, 0.4.118, 0.4.119, 0.4.120, 0.4.121, 0.4.122, 0.4.123, 0.4.124, 0.4.125, 0.4.126, 0.4.127, 0.4.128, 0.4.129, 0.4.130, 0.4.131, 0.4.132, 0.4.133, 0.4.134, 0.4.135, 0.4.136, 0.4.137, 0.4.138, 0.4.139, 0.4.140, 0.4.141, 0.4.142, 0.4.143, 0.4.144, 0.4.145, 0.4.146, 0.4.147, 0.4.148, 0.4.149, 0.4.150, 0.4.151, 0.4.152, 0.4.153, 0.4.154, 0.4.155, 0.4.156, 0.4.157, 0.4.158, 0.4.159, 0.4.160, 0.4.161, 0.4.162, 0.4.163, 0.5.0, 0.5.1, 0.5.2, 0.5.3, 0.5.4, 0.5.5, 0.5.6, 0.5.7, 0.5.8, 0.5.9, 0.5.10, 0.5.11, 0.5.12, 0.5.13, 0.5.14, 0.5.15, 0.5.16, 0.5.17, 0.5.18, 0.5.19, 0.5.20, 0.5.21, 0.5.22, 0.5.23, 0.5.24, 0.5.25, 0.5.26, 0.5.27, 0.5.28, 0.5.29, 0.5.30, 0.5.31, 0.5.32, 0.5.33, 0.5.34, 0.5.35, 0.5.36, 0.5.37, 0.5.38, 0.5.39, 0.5.40, 0.5.41, 0.5.42, 0.5.43, 0.5.44, 0.5.45, 0.5.46, 0.5.47, 0.5.48, 0.5.49, 0.5.50, 0.5.51, 0.5.52, 0.5.53, 0.5.54, 0.5.55, 0.5.56, 0.5.57, 0.5.58, 0.5.59, 0.5.60, 0.5.61, 0.5.62, 0.5.63, 0.5.64, 0.5.65, 0.5.66, 0.5.67, 0.5.68, 0.5.69, 0.5.70, 0.5.71, 0.5.72, 0.5.73, 0.5.74, 0.5.75, 0.5.76, 0.5.77, 0.5.78, 0.5.79, 0.5.80, 0.5.81, 0.5.82, 0.5.83, 0.5.84, 0.5.85, 0.5.86, 0.5.87, 0.5.88, 0.5.89, 0.5.91, 0.5.92, 0.5.93, 0.5.94, 0.5.95, 0.5.96, 0.5.97, 0.5.98, 0.5.99, 0.5.100, 0.5.101, 0.5.102, 0.5.103, 0.5.104, 0.5.105, 0.5.106, 0.5.107, 0.5.108, 0.5.109, 0.5.110, 0.5.111, 0.5.112, 0.5.113, 0.5.114, 0.5.115, 0.5.116, 0.5.117, 0.5.118, 0.6.0, 0.6.2, 0.6.3, 0.6.4, 0.6.5, 0.6.6, 0.6.7, 0.6.9, 0.6.10, 0.6.11, 0.6.12, 0.6.13, 0.6.14, 0.6.15, 0.6.16, 0.6.17, 0.6.18, 0.6.19, 0.6.20, 0.6.21, 0.6.22, 0.6.23, 0.6.24, 0.6.25, 0.6.26, 0.6.27, 0.6.28, 0.6.29, 0.6.30, 0.6.31, 0.6.32, 0.6.33, 0.6.34, 0.6.35, 0.6.36, 0.6.37, 0.6.38, 0.6.39, 0.6.40, 0.6.41, 0.6.42, 0.6.43
All unaffected versions: 0.6.44, 0.6.45, 0.6.46, 0.6.47, 0.6.48, 0.6.49, 0.6.50, 0.6.51, 0.6.52, 0.6.53, 0.6.54, 0.6.55, 0.6.56, 0.6.57, 0.6.58, 0.6.59, 0.6.61, 0.6.62, 0.6.63, 0.6.65, 0.6.66, 0.6.67, 0.6.68, 0.6.69, 0.6.70, 0.6.71, 0.6.72, 0.6.73, 0.6.74, 0.6.75, 0.6.76, 0.6.77, 0.6.78, 0.6.79, 0.6.80, 0.6.81, 0.6.82, 0.6.83, 0.6.84, 0.6.85, 0.6.86, 0.6.87, 0.6.88, 0.6.89, 0.6.90, 0.6.91