[jszip] JSZip contains Path Traversal via loadAsync

loadAsync in JSZip before 3.8.0 allows Directory Traversal via a crafted ZIP archive.

References

• https://nvd.nist.gov/vuln/detail/CVE-2022-48285
• https://github.com/Stuk/jszip/commit/2edab366119c9ee948357c02f1206c28566cdf15
• https://github.com/Stuk/jszip/compare/v3.7.1…v3.8.0
• https://www.mend.io/vulnerability-database/WS-2023-0004
• https://github.com/advisories/GHSA-36fh-84j7-cv5h