4 matches found
CVE-2018-17297
creationtimestamp| type| source ---|---|--- 2025-08-21 21:02:28+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3lwwto27lc22m...
cn.hutool:hutool-aop (>=4.0.0 <=4.1.11), cn.hutool:hutool-bloomFilter (>=4.0.0 <=4.1.11) +79 more potentially affected by CVE-2018-17297 via cn.hutool:hutool-core (>=4.0.0 <=4.1.11)
cn.hutool:hutool-core MAVEN version =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.1.11 and more Source cves: CVE-2018-17297 Source advisory: OSV:GHSA-RHQ2-2574-78MC...
CVE-2018-17297
The unzip function in ZipUtil.java in Hutool before 4.1.12 allows remote attackers to overwrite arbitrary files via directory traversal sequences in a filename within a ZIP archive...
CVE-2018-17297
The vulnerability CVE-2018-17297 affects Hutool’s ZipUtil unzip implementation prior to 4.1.12, where directory traversal in a ZIP entry filename can overwrite arbitrary files. This is triggered during extraction of ZIP archives and has potential to impact file integrity on the host system. Affec...