Description
RDF4J 2.4.2 allows Directory Traversal via ../ in an entry in a ZIP archive.
Remediation
References
https://github.com/eclipse/rdf4j/pull/1211/commits/df15a4d7a8f2789c043b27c9eafe1b30316cfa79
https://github.com/eclipse/rdf4j/issues/1210
Related Vulnerabilities
CVE-2022-24377 Vulnerability in npm package cycle-import-check
CVE-2019-10808 Vulnerability in npm package utilitify
CVE-2010-4207 Vulnerability in maven package org.webjars:yui
CVE-2022-1295 Vulnerability in maven package org.webjars.bower:fullpage
CVE-2022-3510 Vulnerability in maven package com.google.protobuf:protobuf-javalite