com.github.junrar:junrar@1.0.0 vulnerabilities
-
latest version
7.5.5
-
latest non vulnerable version
-
first published
12 years ago
-
latest version published
10 months ago
-
licenses detected
- [0.7,)
-
package manager
Direct Vulnerabilities
Known vulnerabilities in the com.github.junrar:junrar package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
com.github.junrar:junrar is a rar decompression library in plain java. Affected versions of this package are vulnerable to Denial of Service (DoS). A carefully crafted RAR archive can trigger an infinite loop while parsing the file. Note: The impact depends solely on how the application uses the library, and whether files can be provided by malignant users. How to fix Denial of Service (DoS)? Upgrade |
[,7.4.1)
|
com.github.junrar:junrar is a plain java unrar util. Affected versions of this package are vulnerable to Denial of Service (DoS) attacks due to an infinite loop when handling corrupt RAR files. How to fix Denial of Service (DoS)? Upgrade |
[,1.0.1)
|