Описание
An issue in pf4j pf4j v.3.9.0 and before allows a remote attacker to obtain sensitive information and execute arbitrary code via the expandIfZip method in the extract function.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support |
| devel | needs-triage | |
| esm-apps/jammy | needs-triage | |
| esm-apps/noble | needs-triage | |
| esm-infra/focal | DNE | |
| focal | DNE | |
| jammy | needs-triage | |
| lunar | ignored | end of life, was needs-triage |
| mantic | ignored | end of life, was needs-triage |
| noble | needs-triage |
Показывать по
10
EPSS
Процентиль: 73%
0.00778
Низкий
7.5 High
CVSS3
Связанные уязвимости
CVSS3: 7.5
nvd
больше 2 лет назад
An issue in pf4j pf4j v.3.9.0 and before allows a remote attacker to obtain sensitive information and execute arbitrary code via the expandIfZip method in the extract function.
CVSS3: 7.5
debian
больше 2 лет назад
An issue in pf4j pf4j v.3.9.0 and before allows a remote attacker to o ...
CVSS3: 7.5
github
больше 2 лет назад
pf4j vulnerable to remote code execution via expandIfZip method in the extract function
EPSS
Процентиль: 73%
0.00778
Низкий
7.5 High
CVSS3