VYPR
Moderate severityNVD Advisory· Published Dec 14, 2020· Updated May 5, 2025

CVE-2020-35460

CVE-2020-35460

Description

common/InputStreamHelper.java in Packwood MPXJ before 8.3.5 allows directory traversal in the zip stream handler flow, leading to the writing of files to arbitrary locations.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
net.sf.mpxj:mpxjMaven
< 8.3.58.3.5

Affected products

2

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.