org.nd4j%3And4j-common@1.0.0-beta2 vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the org.nd4j%3And4j-common package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Vulnerability Vulnerable Version

Vulnerability	Vulnerable Version
C Arbitrary File Write via Archive Extraction (Zip Slip) org.nd4j:nd4j-common is a Deeplearning4j, ND4J, DataVec and more - deep learning & linear algebra for Java/Scala with GPUs + Spark - From Skymind. Affected versions of the package are vulnerable to Arbitrary File Write via Archive Extraction (AKA "Zip Slip"). How to fix Arbitrary File Write via Archive Extraction (Zip Slip)? Upgrade `org.nd4j:nd4j-common` to version `1.0.0-beta3` or higher.	[,1.0.0-beta3)

org.nd4j:nd4j-common is a Deeplearning4j, ND4J, DataVec and more - deep learning & linear algebra for Java/Scala with GPUs + Spark - From Skymind.

Affected versions of the package are vulnerable to Arbitrary File Write via Archive Extraction (AKA "Zip Slip").

How to fix Arbitrary File Write via Archive Extraction (Zip Slip)?

Upgrade org.nd4j:nd4j-common to version 1.0.0-beta3 or higher.

[,1.0.0-beta3)