PT-2018-15295 · Eclipse · Rdf4J

Bart Hanssens

Publicado

2018-12-19

Atualizado

2024-08-16

CVE-2018-20227

CVSS v3.1

7.5

Alta

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions RDF4J versions 2.4.2 through 2.4.2 RDF4J versions prior to 2.5.0

Description The issue allows Directory Traversal via ../ in an entry in a ZIP archive.

Recommendations For RDF4J version 2.4.2, update to version 2.5.0 or later. For RDF4J versions prior to 2.5.0, update to version 2.5.0 or later.

Exploit

Correção

Path traversal

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

CVE-2018-20227

GHSA-X3CR-X949-H5JV

Rdf4J