Description
RDF4J 2.4.2 allows Directory Traversal via ../ in an entry in a ZIP archive.
Remediation
References
https://github.com/eclipse/rdf4j/issues/1210
https://github.com/eclipse/rdf4j/pull/1211/commits/df15a4d7a8f2789c043b27c9eafe1b30316cfa79
Related Vulnerabilities
CVE-2021-41303 Vulnerability in maven package org.apache.shiro:shiro-core
CVE-2016-0710 Vulnerability in maven package org.apache.portals.jetspeed-2:jetspeed-security
CVE-2023-37960 Vulnerability in maven package io.jenkins.plugins:mathworks-polyspace
CVE-2020-23849 Vulnerability in npm package jsoneditor
CVE-2020-7766 Vulnerability in maven package org.webjars.npm:json-ptr