CVE-2023-22899
Zip4j through 2.11.2, as used in Threema and other products, does not always check the MAC when decrypting a ZIP archive.
5.9CVSS
5.8AI Score
0.001EPSS