Path traversal

A vulnerability classified as critical has been found in JATOS. Affected is the function ZipUtil of the file modules/common/app/utils/common/ZipUtil.java of the component ZIP Handler. The manipulation leads to path traversal. Upgrading to version 3.7.5-alpha is able to address this issue. The nam...

CVE-2022-4878 JATOS ZIP ZipUtil.java ZipUtil path traversal

A vulnerability classified as critical has been found in JATOS. Affected is the function ZipUtil of the file modules/common/app/utils/common/ZipUtil.java of the component ZIP Handler. The manipulation leads to path traversal. Upgrading to version 3.7.5-alpha is able to address this issue. The nam...

PT-2023-15892 · Jatos · Jatos

Name of the Vulnerable Software and Affected Versions: JATOS versions prior to 3.7.5-alpha Description: A critical vulnerability has been found in JATOS, affecting the ZipUtil function of the ZIP Handler component. This issue leads to path traversal. Recommendations: For versions prior to...

GHSA-47VX-FQR5-J2GW HuTool vulnerable to Uncontrolled Resource Consumption

A vulnerability classified as problematic was found in Dromara HuTool up to 5.8.10. This vulnerability affects unknown code of the file cn.hutool.core.util.ZipUtil.java. The manipulation leads to resource consumption. The attack can be initiated remotely. The exploit has been disclosed to the...

CVE-2022-4565

A vulnerability classified as problematic was found in Dromara HuTool up to 5.8.10. This vulnerability affects unknown code of the file cn.hutool.core.util.ZipUtil.java. The manipulation leads to resource consumption. The attack can be initiated remotely. The exploit has been disclosed to the...

CVE-2022-4565

A vulnerability classified as problematic was found in Dromara HuTool up to 5.8.10. This vulnerability affects unknown code of the file cn.hutool.core.util.ZipUtil.java. The manipulation leads to resource consumption. The attack can be initiated remotely. The exploit has been disclosed to the...

Uncontrolled Resource Consumption

A vulnerability classified as problematic was found in Dromara HuTool up to 5.8.10. This vulnerability affects unknown code of the file cn.hutool.core.util.ZipUtil.java. The manipulation leads to resource consumption. The attack can be initiated remotely. The exploit has been disclosed to the...

PT-2022-27591 · Dromara · Dromara Hutool

Name of the Vulnerable Software and Affected Versions: Dromara HuTool versions up to 5.8.10 Description: A vulnerability was found in Dromara HuTool that affects the file cn.hutool.core.util.ZipUtil.java, leading to resource consumption. The attack can be initiated remotely. Recommendations: For...

CVE-2022-4565

CVE-2022-4565 affects Dromara HuTool up to version 5.8.10, targeting the ZipUtil.java code path (cn.hutool.core.util.ZipUtil). The issue enables uncontrolled resource consumption and can be triggered remotely; exploitation has been disclosed publicly. A fix is available in HuTool 5.8.11. Connecte...

Unzip function in ZipUtil.java in Hutool allows remote attackers to overwrite arbitrary files via directory traversal

The unzip function in ZipUtil.java in Hutool before 4.1.12 allows remote attackers to overwrite arbitrary files via directory traversal sequences in a filename within a ZIP archive...

GHSA-RHQ2-2574-78MC Unzip function in ZipUtil.java in Hutool allows remote attackers to overwrite arbitrary files via directory traversal

The unzip function in ZipUtil.java in Hutool before 4.1.12 allows remote attackers to overwrite arbitrary files via directory traversal sequences in a filename within a ZIP archive...

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

The unzip function in ZipUtil.java in Hutool before 4.1.12 allows remote attackers to overwrite arbitrary files via directory traversal sequences in a filename within a ZIP archive...

CVE-2018-17297

The unzip function in ZipUtil.java in Hutool before 4.1.12 allows remote attackers to overwrite arbitrary files via directory traversal sequences in a filename within a ZIP archive...