Lucene search
+L

64 matches found

osv
osv
added 2026/04/11 4:2 p.m.2 views

MINI-PF4J-XW3G-QPF2

Bulletin has no description...

9CVSS5.7AI score0.00658EPSS
Exploits0
veracode
veracode
added 2026/03/28 5:3 a.m.8 views

Path Traversal

pf4j is vulnerable to Path Traversal. The vulnerability is due to improper handling of zip entry names, where a lack of proper path normalization and validation can allow directory traversal or Zip Slip attacks...

7.5CVSS5.9AI score0.00856EPSS
Exploits1References5Affected Software1
nessus
nessus
added 2026/03/27 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-70952

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pf4j before 20c2f80 has a path traversal vulnerability in the extract function of Unzip.java, where improper handling of zip entry names can allow directory...

7.5CVSS6.1AI score0.00856EPSS
Exploits1References3
vulnersosv
vulnersosv
added 2026/03/25 9:30 p.m.6 views

care.better.pf4j:pf4j-kotlin-symbol-processing (>=2.1.0-1.0.2 <=2.3.10-1.0.4), cn.sliew:carp-dist (>=0.0.1 <=0.0.34) +596 more potentially affected by CVE-2025-70952 via org.pf4j:pf4j (>=2.0.0 <=3.14.0)

org.pf4j:pf4j MAVEN version =2.0.0, =2.1.0-1.0.2, =0.0.1, =0.0.42, =0.0.63, =0.0.64, =0.0.66, =0.0.63, =0.0.49, =0.0.61, =0.0.61, =0.0.13, =0.0.1, =0.0.33, =0.0.33, =0.0.33, =0.0.34 and more Source cves: CVE-2025-70952 Source advisory: OSV:GHSA-5458-7HH9-V7P4...

7.5CVSS5.7AI score0.00856EPSS
Exploits1
euvd
euvd
added 2026/03/25 9:30 p.m.5 views

EUVD-2025-209006

pf4j before 20c2f80 has a path traversal vulnerability in the extract function of Unzip.java, where improper handling of zip entry names can allow directory traversal or Zip Slip attacks, due to a lack of proper path normalization and validation...

5.8AI score0.00856EPSS
Exploits1References5
osv
osv
added 2026/03/25 9:30 p.m.4 views

GHSA-5458-7HH9-V7P4 pf4j is vulnerable to Path Traversal or Zip Slip attack through improper handling of zip entry names

pf4j before 20c2f80 has a path traversal vulnerability in the extract function of Unzip.java, where improper handling of zip entry names can allow directory traversal or Zip Slip attacks, due to a lack of proper path normalization and validation...

8.7CVSS5.9AI score0.00856EPSS
Exploits1References6
vulnersosv
vulnersosv
added 2026/03/25 8:31 p.m.7 views

care.better.pf4j:pf4j-kotlin-symbol-processing (>=2.1.0-1.0.2 <=2.3.10-1.0.4), cn.sliew:carp-dist (>=0.0.1 <=0.0.34) +567 more potentially affected by CVE-2025-70952 via org.pf4j:pf4j (>=3.0.1 <=3.14.0)

org.pf4j:pf4j MAVEN version =3.0.1, =2.1.0-1.0.2, =0.0.1, =0.0.42, =0.0.63, =0.0.64, =0.0.66, =0.0.63, =0.0.49, =0.0.61, =0.0.61, =0.0.13, =0.0.1, =0.0.33, =0.0.33, =0.0.33, =0.0.34 and more Source cves: CVE-2025-70952 Source advisory: SNYK:JAVA-ORGPF4J-15766713...

7.5CVSS5.7AI score0.00856EPSS
Exploits1
osv
osv
added 2026/03/25 7:16 p.m.3 views

DEBIAN-CVE-2025-70952

pf4j before 20c2f80 has a path traversal vulnerability in the extract function of Unzip.java, where improper handling of zip entry names can allow directory traversal or Zip Slip attacks, due to a lack of proper path normalization and validation...

7.5CVSS5.4AI score0.00856EPSS
Exploits1References1
ubuntucve
ubuntucve
added 2026/03/25 7:16 p.m.5 views

CVE-2025-70952

pf4j before 20c2f80 has a path traversal vulnerability in the extract function of Unzip.java, where improper handling of zip entry names can allow directory traversal or Zip Slip attacks, due to a lack of proper path normalization and validation...

7.5CVSS5.9AI score0.00856EPSS
Exploits1References5
osv
osv
added 2026/03/25 7:16 p.m.4 views

UBUNTU-CVE-2025-70952

pf4j before 20c2f80 has a path traversal vulnerability in the extract function of Unzip.java, where improper handling of zip entry names can allow directory traversal or Zip Slip attacks, due to a lack of proper path normalization and validation...

7.5CVSS5.8AI score0.00856EPSS
Exploits1References6
attackerkb
attackerkb
added 2026/03/25 12:0 a.m.2 views

CVE-2025-70952

pf4j before 20c2f80 has a path traversal vulnerability in the extract function of Unzip.java, where improper handling of zip entry names can allow directory traversal or Zip Slip attacks, due to a lack of proper path normalization and validation...

5.8AI score0.00856EPSS
Exploits1References5
cvelist
cvelist
added 2026/03/25 12:0 a.m.24 views

CVE-2025-70952

pf4j before 20c2f80 has a path traversal vulnerability in the extract function of Unzip.java, where improper handling of zip entry names can allow directory traversal or Zip Slip attacks, due to a lack of proper path normalization and validation...

0.00856EPSS
Exploits1References4
cve
cve
added 2026/03/25 12:0 a.m.27 views

CVE-2025-70952

pf4j (up to version before 20c2f80) contains a path traversal/Zip Slip vulnerability in Unzip.java: extract() mishandles zip entry names due to missing path normalization and validation. This can enable directory traversal and unauthorized file write. Affected component is the unzip logic; impact...

7.5CVSS5.8AI score0.00856EPSS
Exploits1References4Affected Software1
osv
osv
added 2026/03/25 12:0 a.m.2 views

CVE-2025-70952

pf4j before 20c2f80 has a path traversal vulnerability in the extract function of Unzip.java, where improper handling of zip entry names can allow directory traversal or Zip Slip attacks, due to a lack of proper path normalization and validation...

7.5CVSS6AI score0.00856EPSS
Exploits1References6
osv
osv
added 2026/03/16 6:15 p.m.14 views

MINI-583M-PF4J-63V2

Bulletin has no description...

7.5CVSS5.7AI score0.0115EPSS
Exploits0
redhatcve
redhatcve
added 2026/01/09 12:30 p.m.9 views

CVE-2023-40828

An issue in pf4j pf4j v.3.9.0 and before allows a remote attacker to obtain sensitive information and execute arbitrary code via the expandIfZip method in the extract function...

7.5CVSS7.4AI score0.01293EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/01/09 12:28 p.m.3 views

CVE-2023-40827

An issue in pf4j pf4j v.3.9.0 and before allows a remote attacker to obtain sensitive information and execute arbitrary code via the loadpluginPath parameter...

7.5CVSS7.6AI score0.01492EPSS
Exploits1References1
euvd
euvd
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-2352

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.01492EPSS
Exploits1References5
euvd
euvd
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-2273

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.01293EPSS
Exploits0References5
euvd
euvd
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-2197

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.01141EPSS
Exploits1References3
Rows per page
Query Builder