Skip to content

iris-sast/zip4j

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
src/main/java
src/main/java
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
pom.xml
pom.xml
 
 

Repository files navigation

zip4j

This repository contains decompiled source code for the zip4j library versions 1.3.2 (vulnerable) and 1.3.3 (fixed) for CVE-2018-1002202, for the CWE-Bench-Java dataset. The original zip4j repository on Github doesn't include code from these versions.

Versions

Version 1.3.2 (Vulnerable)

  • Tag: 1.3.2
  • Status: Contains path traversal vulnerability
  • Source: Decompiled from zip4j-1.3.2-sources.jar
  • Buggy Commit: d87ffa2d64ffb3a0a1cf0c7a69c7b19d7015bfde
  • 1.3.2 sources jar download page

Version 1.3.3 (Fixed)

  • Tag: 1.3.3
  • Status: Vulnerability patched
  • Source: Decompiled from zip4j-1.3.3-sources.jar
  • Fixed Commit: 59aeea594ff885e06c25751dc6334dfea1bed8c6
  • 1.3.3 sources jar download page

Original Project

About

CWE-Bench-Java CVE-2018-1002202 versions 1.3.2, 1.3.3

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

2 tags

Packages

No packages published

Languages