- Description
- A path traversal issue in ZipUtils.unzip and TarUtils.untar in Deep Java Library (DJL) on all platforms allows a bad actor to write files to arbitrary locations.
- Source
- ff89ba41-3aa1-4d27-914a-91399e9639e5
- NVD status
- Received
CVSS 4.0
- Type
- Secondary
- Base score
- 9.3
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- CRITICAL
CVSS 3.1
- Type
- Secondary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
- ff89ba41-3aa1-4d27-914a-91399e9639e5
- CWE-36
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
1
A critical path traversal vulnerability (CVE-2025-0851) has been identified in the Deep Java Library (DJL), potentially exposing Java AI applications to malicious attacks. Developers using DJL in projects like @LangChain4j, should apply the necessary patches 👇 https://t.co/hhArT
@Michael47242613
22 Feb 2025
45 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
🚨URGENT🚨 New path traversal vulnerability (CVE-2025-0851) discovered in Deep #Java Library (DJL)! Impacts Java #AI development. Learn how to protect your applications now. ⬇️ https://t.co/8OItsNBPWB
@snyksec
18 Feb 2025
138 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-0851 (CVSS 9.8): Deep Java Library Vulnerability Allows Path Traversal Exploits https://t.co/Y8so6HjUAB
@Dinosn
3 Feb 2025
107 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Deep Java Libraryに重大(Critical)な脆弱性。CVE-2025-0851はCVSSスコア9.8で、パストラバーサルの脆弱性で、システム上の任意の箇所にファイルを書き込み可能。SSH鍵を仕込んだりできる。バージョン0.31.1で修正。 https://t.co/oAiHBQQ5Vd
@__kokumoto
3 Feb 2025
687 Impressions
0 Retweets
3 Likes
0 Bookmarks
0 Replies
0 Quotes
🗣 CVE-2025-0851 (CVSS 9.8): Deep Java Library Vulnerability Allows Path Traversal Exploits https://t.co/KnnqPFUCpC
@fridaysecurity
3 Feb 2025
79 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-0851 (CVSS 9.8): Deep Java Library Vulnerability Allows Path Traversal Exploits Learn about CVE-2025-0851, a newly discovered vulnerability in DJL, and how it can leave systems open to potential attacks https://t.co/fiPoxq5nDW
@the_yellow_fall
3 Feb 2025
156 Impressions
1 Retweet
4 Likes
1 Bookmark
0 Replies
0 Quotes
CVE-2025-0851 A path traversal issue in ZipUtils.unzip and TarUtils.untar in Deep Java Library (DJL) on all platforms allows a bad actor to write files to arbitrary locations. https://t.co/trQPc4hYmh
@CVEnew
29 Jan 2025
310 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
[CVE-2025-0851: CRITICAL] A path traversal issue in ZipUtils.unzip and TarUtils.untar in Deep Java Library (DJL) on all platforms allows a bad actor to write files to arbitrary locations.#cybersecurity,#vulnerability https://t.co/7BOML0EJKs https://t.co/NDKi0Q3QK8
@CveFindCom
29 Jan 2025
65 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes