Описание
zip4j up to v2.10.0 can throw various uncaught exceptions while parsing a specially crafted ZIP file, which could result in an application crash. This could be used to mount a denial of service attack against services that use zip4j library.
Отчет
This flaw will not be addressed in CodeReady Studio because CodeReady Studio is not longer supported. Please see https://developers.redhat.com/articles/2022/04/18/announcement-red-hat-codeready-studio-reaches-end-life for more information.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat CodeReady Studio 12 | zip4j | Out of support scope |
Показывать по
Дополнительная информация
Статус:
5.5 Medium
CVSS3
Связанные уязвимости
zip4j up to v2.10.0 can throw various uncaught exceptions while parsing a specially crafted ZIP file, which could result in an application crash. This could be used to mount a denial of service attack against services that use zip4j library.
zip4j up to v2.10.0 can throw various uncaught exceptions while parsing a specially crafted ZIP file, which could result in an application crash. This could be used to mount a denial of service attack against services that use zip4j library.
zip4j up to v2.10.0 can throw various uncaught exceptions while parsin ...
5.5 Medium
CVSS3