Lucene search
+L

7 matches found

redhatcve
redhatcve
added 2026/03/26 3:19 p.m.3 views

CVE-2025-70952

pf4j before 20c2f80 has a path traversal vulnerability in the extract function of Unzip.java, where improper handling of zip entry names can allow directory traversal or Zip Slip attacks, due to a lack of proper path normalization and validation...

5.8AI score0.00856EPSS
Exploits1References1
osv
osv
added 2026/03/25 7:16 p.m.3 views

DEBIAN-CVE-2025-70952

pf4j before 20c2f80 has a path traversal vulnerability in the extract function of Unzip.java, where improper handling of zip entry names can allow directory traversal or Zip Slip attacks, due to a lack of proper path normalization and validation...

7.5CVSS5.4AI score0.00856EPSS
Exploits1References1
ptsecurity
ptsecurity
added 2026/03/25 12:0 a.m.6 views

PT-2026-28084

pf4j before 20c2f80 has a path traversal vulnerability in the extract function of Unzip.java, where improper handling of zip entry names can allow directory traversal or Zip Slip attacks, due to a lack of proper path normalization and validation...

5.8AI score0.00856EPSS
Exploits1References5
attackerkb
attackerkb
added 2026/03/25 12:0 a.m.2 views

CVE-2025-70952

pf4j before 20c2f80 has a path traversal vulnerability in the extract function of Unzip.java, where improper handling of zip entry names can allow directory traversal or Zip Slip attacks, due to a lack of proper path normalization and validation...

5.8AI score0.00856EPSS
Exploits1References5
cvelist
cvelist
added 2026/03/25 12:0 a.m.24 views

CVE-2025-70952

pf4j before 20c2f80 has a path traversal vulnerability in the extract function of Unzip.java, where improper handling of zip entry names can allow directory traversal or Zip Slip attacks, due to a lack of proper path normalization and validation...

0.00856EPSS
Exploits1References4
debiancve
debiancve
added 2026/03/25 12:0 a.m.5 views

CVE-2025-70952

pf4j before 20c2f80 has a path traversal vulnerability in the extract function of Unzip.java, where improper handling of zip entry names can allow directory traversal or Zip Slip attacks, due to a lack of proper path normalization and validation...

7.5CVSS5.4AI score0.00856EPSS
Exploits1
cve
cve
added 2026/03/25 12:0 a.m.27 views

CVE-2025-70952

pf4j (up to version before 20c2f80) contains a path traversal/Zip Slip vulnerability in Unzip.java: extract() mishandles zip entry names due to missing path normalization and validation. This can enable directory traversal and unauthorized file write. Affected component is the unzip logic; impact...

7.5CVSS5.8AI score0.00856EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder