EUVD-2022-2044

Malicious code in bioql PyPI...

EUVD-2022-1146

Malicious code in bioql PyPI...

ai.grakn:grakn-test (>=0.13.0 <=0.15.0), ai.grakn:test-integration (>=0.16.0 <=v1.1.0-226-g847ecff2d8e26f249422247d7665fe15f07b1744) +989 more potentially affected by CVE-2023-22899 via net.lingala.zip4j:zip4j (>=1.2.3 <=2.11.2)

net.lingala.zip4j:zip4j MAVEN version =1.2.3, =0.13.0, =0.16.0, =1.1, =1.9.1, =1.5.1.beta, =1.5.1.beta, =1.5.1.beta, =1.5.1.beta, =2.1.1 - cn.dev8:http-client-com-api =1.4 - cn.dev8:http-client-starter =1.4 - cn.dev8:ktbase =1.4 - cn.dev8:ktflux =1.4 - cn.dev8:ktmvc =1.4 - cn.dev8:ktmyoql =1.4 an...

DEBIAN-CVE-2023-22899

Zip4j through 2.11.2, as used in Threema and other products, does not always check the MAC when decrypting a ZIP archive...

ai.grakn:grakn-test (>=0.13.0 <=0.15.0), ai.grakn:test-integration (>=0.16.0 <=v1.1.0-226-g847ecff2d8e26f249422247d7665fe15f07b1744) +803 more potentially affected by CVE-2018-1002202 via net.lingala.zip4j:zip4j (>=1.2.3 <=1.3.2)

net.lingala.zip4j:zip4j MAVEN version =1.2.3, =0.13.0, =0.16.0, =1.5.0, =1.0.0, =1.0.1, =1.0.4, =2.5.7, =1.1.13, =1.0.7, =1.1.4, =2.1.0, =1.0.0, =3.0.2, =1.0.3, =3.3.0, =3.3.9 and more Source cves: CVE-2018-1002202 Source advisory: OSV:GHSA-2RPM-4X8C-PVQG...

ai.grakn:grakn-test (>=0.13.0 <=0.15.0), ai.grakn:test-integration (>=0.16.0 <=v1.1.0-226-g847ecff2d8e26f249422247d7665fe15f07b1744) +838 more potentially affected by CVE-2022-24615 via net.lingala.zip4j:zip4j (>=1.2.3 <=2.0.2)

net.lingala.zip4j:zip4j MAVEN version =1.2.3, =0.13.0, =0.16.0, =1.5.0, =1.0.0, =1.0.1, =1.0.4, =2.5.7, =1.1.13, =1.0.7, =1.1.4, =2.1.0, =1.0.0, =3.0.2, =1.0.3, =3.3.0, =3.3.9 and more Source cves: CVE-2022-24615 Source advisory: OSV:GHSA-Q62H-JW38-24VH...

CVE-2022-24615

zip4j up to v2.10.0 can throw various uncaught exceptions while parsing a specially crafted ZIP file, which could result in an application crash. This could be used to mount a denial of service attack against services that use zip4j library...

CVE-2022-24615

zip4j up to v2.10.0 can throw various uncaught exceptions while parsing a specially crafted ZIP file, which could result in an application crash. This could be used to mount a denial of service attack against services that use zip4j library...

zip4j 安全漏洞

Zip4j is a Java library for zip files and streams from the individual developer Srikanth Reddy Lingala. A security vulnerability exists in zip4j that stems from the fact that when parsing a specially crafted ZIP file, zip4j up to 2.9.0 can throw various uncaught exceptions, which could cause the...

zip4j directory traversal vulnerability

zip4j is a Java-based library for compression/decompression . A directory traversal vulnerability exists in zip4j versions prior to 1.3.3. The vulnerability can be exploited to write arbitrary files with a specially crafted zip archive file with a directory traversal name...

ai.grakn:grakn-test (>=0.13.0 <=0.15.0), ai.grakn:test-integration (>=0.16.0 <=v1.1.0-226-g847ecff2d8e26f249422247d7665fe15f07b1744) +803 more potentially affected by CVE-2018-1002202 via net.lingala.zip4j:zip4j (>=1.2.3 <=1.3.2)

net.lingala.zip4j:zip4j MAVEN version =1.2.3, =0.13.0, =0.16.0, =1.5.0, =1.0.0, =1.0.1, =1.0.4, =2.5.7, =1.1.13, =1.0.7, =1.1.4, =2.1.0, =1.0.0, =3.0.2, =1.0.3, =3.3.0, =3.3.9 and more Source cves: CVE-2018-1002202 Source advisory: SNYK:JAVA-NETLINGALAZIP4J-31679...