Lucene search
GitHub Advisory DatabaseGHSA-2RPM-4X8C-PVQGHistoryMay 13, 2022 - 1:35 a.m.
Improper Limitation of a Pathname to a Restricted Directory in Zip4j
2022-05-1301:35:04
CWE-22
GitHub Advisory Database
github.com
3
0.002 Low
EPSS
Percentile
53.9%
zip4j before 1.3.3 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a …/ (dot dot slash) in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as ‘Zip-Slip’.
| CPE | Name | Operator | Version |
|---|---|---|---|
| net.lingala.zip4j:zip4j | lt | 1.3.3 |
Related
veracode
veracode
Arbitrary File Write
2018-06-06 08:54:26
prion
prion
Directory traversal
2018-07-25 17:29:00
osv
osv
Improper Limitation of a Pathname to a Restricted Directory in Zip4j
2022-05-13 01:35:04
debiancve
debiancve
CVE-2018-1002202
2018-07-25 17:29:00
cve
cve
CVE-2018-1002202
2018-07-25 17:29:00
cvelist
cvelist
CVE-2018-1002202
2018-07-25 17:00:00
redhatcve
redhatcve
CVE-2018-1002202
2018-06-06 14:26:37
f5
f5
K64709522 : Multiple Zip Slip vulnerabilities
2018-08-03 00:00:00
ibm
ibm
Security Bulletin: IBM Controller has addressed multiple vulnerabilities
2024-05-01 21:46:16