Vulners
Lucene search
2 matches found
CVE-2022-21675
BCV (Bytecode Viewer) versions prior to 2.11.0 are vulnerable to Arbitrary File Write via Archive Extraction (Zip Slip). A crafted archive with directory traversal filenames (e.g., ../../evil.exe) can overwrite files across formats such as zip, jar, tar, war, cpio, apk, rar, 7z, enabling file ove...
9.9CVSS8.2AI score0.08191EPSS
Exploits0References4Affected Software1
CVE-2022-21675 Bytecode Viewer v2.10.x Zip Slip
Bytecode Viewer BCV is a Java/Android reverse engineering suite. Versions of the package prior to 2.11.0 are vulnerable to Arbitrary File Write via Archive Extraction AKA "Zip Slip". The vulnerability is exploited using a specially crafted archive that holds directory traversal filenames e.g...
9.9CVSS10AI score0.08191EPSS
Exploits0References4
20