{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2025-70952", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2026-03-25T18:34:46.661Z", "dateReserved": "2026-01-09T00:00:00.000Z", "datePublished": "2026-03-25T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-03-25T18:34:46.661Z"}, "descriptions": [{"lang": "en", "value": "pf4j before 20c2f80 has a path traversal vulnerability in the extract() function of Unzip.java, where improper handling of zip entry names can allow directory traversal or Zip Slip attacks, due to a lack of proper path normalization and validation."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://github.com/pf4j/pf4j/issues/618"}, {"url": "https://github.com/pf4j/pf4j/issues/623"}, {"url": "https://github.com/pf4j/pf4j/commit/20c2f80089d1ea779e22c2de5f109a0bce4e1b14"}, {"url": "https://gist.github.com/weaver4VD/410f23adb24ef5f5077f021f4393e705"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}}, "dataVersion": "5.2"}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "pf4j before 20c2f80 has a path traversal vulnerability in the extract() function of Unzip.java, where improper handling of zip entry names can allow directory traversal or Zip Slip attacks, due to a lack of proper path normalization and validation."}], "id": "CVE-2025-70952", "lastModified": "2026-03-26T15:13:15.790", "metrics": {}, "published": "2026-03-25T19:16:28.260", "references": [{"source": "cve@mitre.org", "url": "https://gist.github.com/weaver4VD/410f23adb24ef5f5077f021f4393e705"}, {"source": "cve@mitre.org", "url": "https://github.com/pf4j/pf4j/commit/20c2f80089d1ea779e22c2de5f109a0bce4e1b14"}, {"source": "cve@mitre.org", "url": "https://github.com/pf4j/pf4j/issues/618"}, {"source": "cve@mitre.org", "url": "https://github.com/pf4j/pf4j/issues/623"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Awaiting Analysis"}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[0,20c2f80)"}}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}]}, "original": {"product": "n/a", "source": "cna", "vendor": "n/a"}, "product": "pf4j", "vendor": "pf4j"}], "analysis": {"en": {"generated_at": "2026-03-26T16:38:31.123142+00:00", "value": {"mitigation_remediation": ["Update PF4J to a version that includes commit 20c2f80 or later; the fix is available from the PF4J GitHub repository.", "Verify that all deployed PF4J packages have been upgraded and no legacy 20c2f80\u2011earlier artifacts remain in the application classpath.", "If an immediate upgrade is not possible, limit the extraction routine to trusted ZIP archives and add application\u2011level path validation before invoking Unzip.extract().", "Monitor the PF4J issue tracker and vendor advisories for further updates or related vulnerabilities."], "summary": {"action": "Patch Now", "impact": "Path Traversal via Zip Slip"}, "threat_synthesis": {"affected_systems": "All installations of the PF4J plugin framework that rely on a version before the commit 20c2f80 are affected. The vulnerability applies to any environment where PF4J handles plugin ZIP archives, regardless of the host application or operating system.", "description_and_impact": "A flaw in PF4J\u2019s Unzip.extract() routine allows attackers to craft ZIP files whose internal path names bypass validation, causing extraction to write files outside the intended directory. This path traversal vulnerability (CWE\u201122) can overwrite configuration files, place arbitrary scripts, or otherwise compromise the integrity of the host system.", "risk_and_exploitability": "The EPSS score is reported as less than 1%, and the issue is not listed in the CISA Known Exploited Vulnerabilities catalog, indicating a low overall exploitation probability. However, exploitation requires an attacker to supply a malicious ZIP to the application's extraction routine, which can be feasible if the application accepts user\u2011supplied ZIP files for plugin deployment or other purposes. When successful, the flaw can provide the attacker with file overwrite capability that may lead to significant impacts on confidentiality, integrity, or availability."}}}}, "created": "2026-03-25T20:56:58.451015+00:00", "updated": "2026-03-27T09:20:26.533034+00:00", "vendors": ["pf4j", "pf4j$PRODUCT$pf4j"]}