Find real vulnerabilities before they ship
Vulnerability Database › maven › CVE-2023-22899
Zip4j through 2.11.2, as used in Threema and other products, does not always check the MAC when decrypting a ZIP archive.
Base Score