3 matches found
CVE-2024-24569
The Pixee Java Code Security Toolkit is a set of security APIs meant to help secure Java code. ZipSecurityisBelowCurrentDirectory is vulnerable to a partial-path traversal bypass. To be vulnerable to the bypass, the application must use toolkit version =1.1.1, use ZipSecurity as a guard against...
CVE-2024-24569 `ZipSecurity#isBelowCurrentDirectory` is vulnerable to partial-path traversal vulnerability
The Pixee Java Code Security Toolkit is a set of security APIs meant to help secure Java code. ZipSecurityisBelowCurrentDirectory is vulnerable to a partial-path traversal bypass. To be vulnerable to the bypass, the application must use toolkit version =1.1.1, use ZipSecurity as a guard against...
Java Code Security Toolkit Path Traversal Vulnerability
The Java Code Security Toolkit is a set of security APIs designed to help secure Java code. A path traversal vulnerability exists in Java Code Security Toolkit 1.1.1 and prior versions, which stems from ZipSecurityisBelowCurrentDirectory being susceptible to a partial path traversal vulnerability...