VYPR
Vendor

Deepjavalibrary

Products
1
CVEs
3
Across products
3
Status
Private

Products

1

Recent CVEs

3
  • CVE-2025-0851CriJan 29, 2025
    risk 0.59cvss 9.8epss 0.23

    A path traversal issue in ZipUtils.unzip and TarUtils.untar in Deep Java Library (DJL) on all platforms allows a bad actor to write files to arbitrary locations.

  • CVE-2024-37902CriJun 17, 2024
    risk 0.58cvss 10.0epss 0.01

    DeepJavaLibrary(DJL) is an Engine-Agnostic Deep Learning Framework in Java. DJL versions 0.1.0 through 0.27.0 do not prevent absolute path archived artifacts from inserting archived files directly into the system, overwriting system files. This is fixed in DJL 0.28.0 and patched…

  • CVE-2024-2914HigJun 6, 2024
    risk 0.00cvss 8.8epss 0.01

    A TarSlip vulnerability exists in the deepjavalibrary/djl, affecting version 0.26.0 and fixed in version 0.27.0. This vulnerability allows an attacker to manipulate file paths within tar archives to overwrite arbitrary files on the target system. Exploitation of this…