new vulnerability in adm-zip

Author: sampion88

input/new.json

@@ -1,18 +1,18 @@
 {
-  "package_name": "",
-  "patch_versions": [],
-  "vulnerable_ranges": [],
-  "cwe": [],
-  "tldr": "",
-  "doest_this_affect_me": "",
-  "how_to_fix": "",
+  "package_name": "adm-zip",
+  "patch_versions": ["0.5.2"],
+  "vulnerable_ranges": ["0.1.1", "0.5.1"],
+  "cwe": ["CWE-22"],
+  "tldr": "Affected versions of this package are vulnerable to directory traversal attacks during file extraction. By manipulating archive filenames with sequences like `../`, attackers can craft malicious archives that, when extracted, place files outside the intended target directory. This can overwrite critical system files, deploy unauthorized scripts, or expose sensitive data.",
+  "doest_this_affect_me": "You are affected if you are using a version that falls within the vulnerable range.",
+  "how_to_fix": "Upgrade the `adm-zip` library to the patch version.",
   "reporter": "",
-  "vulnerable_to": "",
+  "vulnerable_to": "Path Traversal",
   "related_cve_id": "",
-  "language": "",
-  "severity_class": "",
-  "aikido_score": 0,
-  "changelog": "",
+  "language": "JS",
+  "severity_class": "HIGH",
+  "aikido_score": 80,
+  "changelog": "https://github.com/cthackers/adm-zip/commit/119dcad6599adccc77982feb14a0c7440fa63013",
   "package_name_alias": null,
   "package_wildcard_ends_in": null,
   "package_wildcard_contains": null,