Linux Distros Unpatched Vulnerability : CVE-2022-24615

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - zip4j up to v2.10.0 can throw various uncaught exceptions while parsing a specially crafted ZIP file, which could result in an application crash. This could be...

Security Bulletin: IBM App Connect Enterprise is affected by a remote attacker due to the zip4j library [CVE-2023-22899]

Summary IBM App Connect Enterprise Transformation Advisor tool is affected by a remote attacker due to the zip4j library CVE-2023-22899. The resolving ifix includes zip4j v2.11.3. Vulnerability Details CVEID:CVE-2023-22899 DESCRIPTION: Zip4j could provide weaker than expected security, caused by...

GHSA-2PJ2-GCHF-WMW7 Zip4j Origin Validation Error

Zip4j through 2.11.2, as used in Threema and other products, does not always check the MAC when decrypting a ZIP archive. This issue has been fixed in version 2.11.3...

UBUNTU-CVE-2023-22899

Zip4j through 2.11.2, as used in Threema and other products, does not always check the MAC when decrypting a ZIP archive...

Zip4j 访问控制错误漏洞

Zip4j is a Java library for zip files and streams from the individual developer Srikanth Reddy Lingala. A security vulnerability exists in Zip4j that stems from the use of Zip4j that does not always check the MAC when decrypting ZIP archives...

CVE-2022-24615

zip4j up to v2.10.0 can throw various uncaught exceptions while parsing a specially crafted ZIP file, which could result in an application crash. This could be used to mount a denial of service attack against services that use zip4j library...

DEBIAN-CVE-2022-24615

zip4j up to v2.10.0 can throw various uncaught exceptions while parsing a specially crafted ZIP file, which could result in an application crash. This could be used to mount a denial of service attack against services that use zip4j library...

UBUNTU-CVE-2022-24615

zip4j up to v2.10.0 can throw various uncaught exceptions while parsing a specially crafted ZIP file, which could result in an application crash. This could be used to mount a denial of service attack against services that use zip4j library...

CVE-2022-24615

zip4j up to v2.10.0 can throw various uncaught exceptions while parsing a specially crafted ZIP file, which could result in an application crash. This could be used to mount a denial of service attack against services that use zip4j library...

CVE-2022-24615

zip4j up to v2.10.0 can throw various uncaught exceptions while parsing a specially crafted ZIP file, which could result in an application crash. This could be used to mount a denial of service attack against services that use zip4j library...

Arbitrary File Write via Archive Extraction (Zip Slip)

Overview net.lingala.zip4j:zip4j is a open source java library to handle zip files. Affected versions of this package are vulnerable to Arbitrary File Write via Archive Extraction Zip Slip. Successful exploitation of this vulnerability can result in remote command execution. Details It is exploit...