Vulnerabilities > Vmware > Spring Integration ZIP > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-03-01 CVE-2021-22114 Path Traversal vulnerability in VMWare Spring Integration ZIP
Addresses partial fix in CVE-2018-1263.
network
low complexity
vmware CWE-22
5.3
5.3
2018-05-15 CVE-2018-1263 Path Traversal vulnerability in VMWare Spring Integration ZIP 1.0.0/1.0.1
Addresses partial fix in CVE-2018-1261.
local
high complexity
vmware CWE-22
4.7
4.7
2018-05-11 CVE-2018-1261 Path Traversal vulnerability in VMWare Spring Integration ZIP 1.0.0
Spring-integration-zip versions prior to 1.0.1 exposes an arbitrary file write vulnerability, which can be achieved using a specially crafted zip archive (affects other archives as well, bzip2, tar, xz, war, cpio, 7z) that holds path traversal filenames.
local
high complexity
vmware CWE-22
4.7
4.7