Lucene search
Spring Integration Zip Security Vulnerabilities
cve
Addresses partial fix in CVE-2018-1263. Spring-integration-zip, versions prior to 1.0.4, exposes an arbitrary file write vulnerability, that can be achieved using a specially crafted zip archive (affects other archives as well, bzip2, tar, xz, war, cpio, 7z), that holds path traversal filenames....
5.3CVSS
4.7AI Score
0.001EPSS
2021-03-01 06:15 PM
39
2