EPSS
Percentile
90.0%
org.apache.linkis:linkis-common is vulnerable to Remote Code Execution (RCE). Lack of proper checking of supplied zip paths in ZipUtils.scala allows an attacker to upload and execute malicious code on the system.
zip
ZipUtils.scala
github.com/apache/linkis/commit/9a6b010378b2c95975dd5e232f5fb95e0df7f094
github.com/apache/linkis/pull/4279
lists.apache.org/thread/6n1vlvnyn441rm02zdqc0wnpckj8ltn8
www.openwall.com/lists/oss-security/2023/04/10/2