CVE-2023-22899

Origin Validation Error in maven/net.lingala.zip4j/zip4j

Identifiers

CVE-2023-22899

Package Slug

maven/net.lingala.zip4j/zip4j

Vulnerability

Origin Validation Error

Description

Zip4j through 2.11.2, as used in Threema and other products, does not always check the MAC when decrypting a ZIP archive.

Affected Versions

All versions up to 2.11.2

Solution

Unfortunately, there is no solution available yet.

Last Modified

2023-01-15

source