org.eclipse.rdf4j:rdf4j-util@1.0.2 vulnerabilities

latest version

3.7.7
latest non vulnerable version

3.7.7
first published

8 years ago
latest version published

2 years ago
licenses detected
- EPL-1.0
  [1.0M1,)
package manager

View on Maven Repository

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the org.eclipse.rdf4j:rdf4j-util package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability	Vulnerable Version
C Arbitrary File Write via Archive Extraction (Zip Slip) org.eclipse.rdf4j:rdf4j-util is the client code repository for the Eclipse RDF4J project. It contains the main client-facing APIs and the various Rio parser and writer modules. Affected versions of this package are vulnerable to Arbitrary File Write via Archive Extraction (Zip Slip). It allows Directory Traversal via ../ in an entry in a ZIP archive. How to fix Arbitrary File Write via Archive Extraction (Zip Slip)? Upgrade org.eclipse.rdf4j:rdf4j-util to version 2.4.3 or higher.	[,2.4.3)

Vulnerability

Vulnerable Version

Arbitrary File Write via Archive Extraction (Zip Slip)

org.eclipse.rdf4j:rdf4j-util is the client code repository for the Eclipse RDF4J project. It contains the main client-facing APIs and the various Rio parser and writer modules.

Affected versions of this package are vulnerable to Arbitrary File Write via Archive Extraction (Zip Slip). It allows Directory Traversal via ../ in an entry in a ZIP archive.

How to fix Arbitrary File Write via Archive Extraction (Zip Slip)?

Upgrade org.eclipse.rdf4j:rdf4j-util to version 2.4.3 or higher.

[,2.4.3)

Go back to all versions of this package

org.eclipse.rdf4j:rdf4j-util@1.0.2 vulnerabilities

latest version

latest non vulnerable version

first published

latest version published

licenses detected

package manager

Direct Vulnerabilities