CVE-2025-4533 | JeecgBoot up to 3.8.0 Document Library Upload zip unzipFile resource consumption (Issue 8199)

Inserito da Angelo Barbosa | Mag 10, 2025 | CVE

A vulnerability classified as problematic was found in JeecgBoot up to 3.8.0. This vulnerability affects the function unzipFile of the file /jeecg-boot/airag/knowledge/doc/import/zip of the component Document Library Upload. The manipulation of the argument File leads to resource consumption.

This vulnerability was named CVE-2025-4533. The attack can be initiated remotely. Furthermore, there is an exploit available.

CVE-2025-4533 | JeecgBoot up to 3.8.0 Document Library Upload zip unzipFile resource consumption (Issue 8199)

Post correlati

CVE-2024-21893 | Ivanti Connect Secure/Policy Secure up to 9.1R18/22.6R2 SAML server-side request forgery

CVE-2024-35238 | stacklok Minder up to 0.0.50 $checksumref allocation of resources

CVE-2024-13170 | Ivanti Endpoint Manager out-of-bounds write

CVE-2024-45508 | HTMLDOC up to 1.9.18 ps-pdf.cxx parse_paragraph out-of-bounds write (Issue 528)