Lucene search
K

5 matches found

vulnersOsv
vulnersOsv
added 2022/05/13 1:35 a.m.4 views

ai.grakn:grakn-test (>=0.13.0 <=0.15.0), ai.grakn:test-integration (=v1.1.0-226-g847ecff2d8e26f249422247d7665fe15f07b1744) +803 more potentially affected by CVE-2018-1002202 via net.lingala.zip4j:zip4j (>=1.2.3 <=1.3.2)

net.lingala.zip4j:zip4j MAVEN version =1.2.3, =0.13.0, =1.5.0, =1.0.0, =1.0.1, =1.0.4, =2.5.7, =1.1.13, =1.0.7, =1.1.4, =2.1.0, =1.0.0, =3.0.2, =1.0.3, =3.3.0, =3.3.9 and more Source cves: CVE-2018-1002202 Source advisory: OSV:GHSA-2RPM-4X8C-PVQG...

6.5CVSS6.7AI score0.13088EPSS
Exploits1
NVD
NVD
added 2018/07/25 5:29 p.m.30 views

CVE-2018-1002202

zip4j before 1.3.3 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ dot dot slash in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'...

6.5CVSS7AI score0.13088EPSS
Exploits1References4
CVE
CVE
added 2018/07/25 5:0 p.m.84 views

CVE-2018-1002202

CVE-2018-1002202 concerns the zip4j Java library prior to 1.3.3, vulnerable to a directory traversal (Zip-Slip) when extracting a crafted Zip entry containing "..". This can allow writing to arbitrary files on the target system. Reported impact per sources indicates potential integrity impact (hi...

6.5CVSS6.2AI score0.13088EPSS
Exploits1References4Affected Software1
RedhatCVE
RedhatCVE
added 2018/06/06 2:26 p.m.24 views

CVE-2018-1002202

zip4j before 1.3.3 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ dot dot slash in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'...

6.5CVSS5AI score0.13088EPSS
Exploits1References2
vulnersOsv
vulnersOsv
added 2018/04/17 9:0 p.m.3 views

ai.grakn:grakn-test (>=0.13.0 <=0.15.0), ai.grakn:test-integration (=v1.1.0-226-g847ecff2d8e26f249422247d7665fe15f07b1744) +803 more potentially affected by CVE-2018-1002202 via net.lingala.zip4j:zip4j (>=1.2.3 <=1.3.2)

net.lingala.zip4j:zip4j MAVEN version =1.2.3, =0.13.0, =1.5.0, =1.0.0, =1.0.1, =1.0.4, =2.5.7, =1.1.13, =1.0.7, =1.1.4, =2.1.0, =1.0.0, =3.0.2, =1.0.3, =3.3.0, =3.3.9 and more Source cves: CVE-2018-1002202 Source advisory: SNYK:JAVA-NETLINGALAZIP4J-31679...

6.5CVSS6.7AI score0.13088EPSS
Exploits1
Rows per page
Query Builder