CVE-2025-23011 - Linux Fedora Repository JSP Archive Extraction Path Traversal Vulnerability

3 hours ago 2

ARTICLE AD BOX

CVE ID : CVE-2025-23011
Published : Jan. 23, 2025, 9:15 p.m. | 24 minutes ago
Description : Fedora Repository 3.8.1 allows path traversal when extracting uploaded archives ("Zip Slip"). A remote, authenticated attacker can upload a specially crafted archive that will extract an arbitrary JSP file to a location that can be executed by an unauthenticated GET request. Fedora Repository 3.8.1 was released on 2015-06-11 and is no longer maintained. Migrate to a currently supported version (6.5.1 as of 2025-01-23).
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Read Entire Article

CVE-2025-23011 - Linux Fedora Repository JSP Archive Extraction Path Traversal Vulnerability

ARTICLE AD BOX

Related

CVE-2024-55573 - Centreon centreon-web SQL Injection

CVE-2024-53379 - "Real Time Logic LLC's SharkSSL Heap Buffer...

CVE-2021-42718 - Replicated Classic API Information Disclosu...

Trending

Popular

CVE-2024-6343 - Zyxel ATP, USG FLEX, USG FLEX 50(W), USG20(W...

CVE-2024-5053 - Fluent Forms Mailchimp API Key Update Weakne...

CVE-2024-8367 - HM Courts & Tribunals Service Probate Back O...

CVE-2024-45288 - Apache Nevow Buffer Overflow Vulnerability

CVE-2024-44946 - Linux KCM kcm_sendmsg() UAF