{"id":"CVE-2022-4583","details":"A vulnerability was found in jLEMS. It has been declared as critical. Affected by this vulnerability is the function unpackJar of the file src/main/java/org/lemsml/jlems/io/util/JUtil.java. The manipulation leads to path traversal. The attack can be launched remotely. The name of the patch is 8c224637d7d561076364a9e3c2c375daeaf463dc. It is recommended to apply a patch to fix this issue. The identifier VDB-216169 was assigned to this vulnerability.","modified":"2026-04-11T23:22:39.673348Z","published":"2022-12-17T13:15:09.400Z","references":[{"type":"ADVISORY","url":"https://vuldb.com/?id.216169"},{"type":"FIX","url":"https://github.com/LEMS/jLEMS/pull/103"},{"type":"FIX","url":"https://github.com/LEMS/jLEMS/commit/8c224637d7d561076364a9e3c2c375daeaf463dc"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/lems/jlems","events":[{"introduced":"0"},{"fixed":"8c224637d7d561076364a9e3c2c375daeaf463dc"}]},{"type":"GIT","repo":"https://github.com/lems/jlems","events":[{"introduced":"0"},{"fixed":"8c224637d7d561076364a9e3c2c375daeaf463dc"}]}],"versions":["NMLv2.0","NMLv2.1","NMLv2beta1","NMLv2beta2","NMLv2beta3","NMLv2beta4","NMLv2beta5","v0.10.6","v0.9.8.9","v0.9.9.0","v0.9.9.1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-4583.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"2022-07-29"}]}],"vanir_signatures_modified":"2026-04-11T23:22:39Z","vanir_signatures":[{"signature_type":"Function","id":"CVE-2022-4583-3076639d","digest":{"length":623,"function_hash":"85637178508715191342609613947276225398"},"target":{"file":"src/main/java/org/lemsml/jlems/io/util/JUtil.java","function":"unpackJar"},"deprecated":false,"source":"https://github.com/lems/jlems/commit/8c224637d7d561076364a9e3c2c375daeaf463dc","signature_version":"v1"},{"signature_type":"Line","id":"CVE-2022-4583-d0c2fb53","digest":{"threshold":0.9,"line_hashes":["152606805068696018789427731765077540029","266297286955623399310449074144817368415","326164573717228987909116196545931391959","297030734130383234503473496366310586026"]},"target":{"file":"src/main/java/org/lemsml/jlems/io/util/JUtil.java"},"deprecated":false,"source":"https://github.com/lems/jlems/commit/8c224637d7d561076364a9e3c2c375daeaf463dc","signature_version":"v1"}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}