CVE-2018-20227

HIGH

RDF4J 2.4.2 - Path Traversal

Title source: llm

Description

RDF4J 2.4.2 allows Directory Traversal via ../ in an entry in a ZIP archive.

Exploits (2)

nomisec STUB
by dawetmaster · poc
https://github.com/dawetmaster/CVE-2018-20227-rdf4j-vulnerable
nomisec STUB
by andikahilmy · poc
https://github.com/andikahilmy/CVE-2018-20227-rdf4j-vulnerable

References (2)

Scores

CVSS v3 7.5
EPSS 0.0141
EPSS Percentile 80.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Details

CWE
CWE-22
Status published
Products (2)
eclipse/rdf4j < 2.5.0
org.eclipse.rdf4j/rdf4j 0 - 2.5.0Maven
Published Dec 19, 2018
Tracked Since Feb 18, 2026