Description
RDF4J 2.4.2 allows Directory Traversal via ../ in an entry in a ZIP archive.
Remediation
References
https://github.com/eclipse/rdf4j/issues/1210
https://github.com/eclipse/rdf4j/pull/1211/commits/df15a4d7a8f2789c043b27c9eafe1b30316cfa79
Related Vulnerabilities
CVE-2021-23543 Vulnerability in npm package realms-shim
CVE-2021-21348 Vulnerability in maven package com.thoughtworks.xstream:xstream
CVE-2021-23341 Vulnerability in npm package prismjs
CVE-2022-44262 Vulnerability in maven package org.ff4j:ff4j-core
CVE-2021-21363 Vulnerability in maven package io.swagger:swagger-generator