Lucene search
Veracode Vulnerability DatabaseVERACODE:29539HistoryMar 02, 2021 - 5:03 a.m.
Arbitrary File Rewrite
2021-03-0205:03:40
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6
0.001 Low
EPSS
Percentile
40.8%
spring-integration-zip is vulnerable to an arbitrary file rewrite (aka) a zip slip vulnerability. An incomplete fix of CVE-2018-1263 allows an attacker to send a malicious zip archive (bzip2, tar, xz, war, cpio, 7z) with path traversal filenames, leading to writing of files outside of the target directory.
| CPE | Name | Operator | Version |
|---|---|---|---|
| spring integration zip adapter | le | 1.0.3.RELEASE |
Related
cvelist
cvelist
CVE-2021-22114
2021-03-01 17:23:42
CVE-2018-1263
2018-05-09 00:00:00
osv
osv
CVE-2021-22114
2021-03-01 18:15:19
Path Traversal in Spring-integration-zip
2022-03-18 17:40:44
spring-integration-zip Arbitrary File Write
2022-05-13 01:07:04
prion
prion
Path traversal
2021-03-01 18:15:00
Path traversal
2018-05-15 20:29:00
github
github
Path Traversal in Spring-integration-zip
2022-03-18 17:40:44
spring-integration-zip Arbitrary File Write
2022-05-13 01:07:04
nvd
nvd
CVE-2021-22114
2021-03-01 18:15:19
CVE-2018-1263
2018-05-15 20:29:00
cve
cve
CVE-2021-22114
2021-03-01 18:15:19
CVE-2018-1263
2018-05-15 20:29:00
veracode
veracode
Arbitrary File Write
2018-05-14 03:51:04