CyberSec.Space Logo
CVEブラウザに戻る

CVE-2018-20227

HIGH
7.5
CVSS Severity Score
EPSS Score0.1740%
EPSS Percentile15.60th
Published2018年12月19日
Last Modified2024年11月21日

Vulnerability Description

RDF4J 2.4.2 allows Directory Traversal via ../ in an entry in a ZIP archive.

Affected Platforms (CPE)

📦
Eclipse

Rdf4j

< 2.5.0

References & Advisories

🔗 https://github.com/eclipse/rdf4j/issues/1210
🔗 https://github.com/eclipse/rdf4j/pull/1211/commits/df15a4d7a8f2789c043b27c9eafe1b30316cfa79
🔗 https://github.com/eclipse/rdf4j/issues/1210
🔗 https://github.com/eclipse/rdf4j/pull/1211/commits/df15a4d7a8f2789c043b27c9eafe1b30316cfa79

関連する脆弱性情報

CVE-2018-100064410.0

Eclipse RDF4j version < 2.4.0 Milestone 2 contains a XML External Entity (XXE) vulnerability in RDF4j XML parser parsing RDF files...

CVE-2018-422910.0

An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "Grand Central Dispatc...

CVE-2018-1472110.0

FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to conduct server-side request forgery (SSRF) attacks by ...

CVE-2018-696810.0

The VMware AirWatch Agent for Android prior to 8.2 and AirWatch Agent for Windows Mobile prior to 6.5.2 contain a remote code exec...