CVE-2025-13265

A weakness has been identified in lsfusion platform up to 6.1. This vulnerability affects the function unpackFile of the file server/src/main/java/lsfusion/server/physics/dev/integration/external/to/file/ZipUtils.java. This manipulation causes path traversal. It is possible to initiate the attack...

CVE-2025-13265

The CVE-2025-13265 entry describes a path-traversal weakness in lsFusion Platform (up to 6.1) affecting ZipUtils.java (file server path: ZipUtils.java, unpackFile function). The underlying issue is improper handling in unpackFile that allows path traversal, and the vulnerability can be triggered ...

lsFusion 路径遍历漏洞

lsFusion is an information system development platform based on a declarative open source language from lsfusion Open Source. A path traversal vulnerability exists in lsfusion 6.1 and earlier versions, which stems from incorrect manipulation of the function in the file...

Directory Traversal (ZipSlip)

torchserve is vulnerable to Directory Traversal. The vulnerability is due to a lack of zip file path validation in ZipUtils.java file. This can lead to unauthorized access to sensitive files and directories on the system...