{"uuid": "1e276a07-6dde-4783-bbe0-9804603335fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23011", "type": "seen", "source": "https://t.me/cvedetector/16227", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-23011 - Linux Fedora Repository JSP Archive Extraction Path Traversal Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-23011 \nPublished : Jan. 23, 2025, 9:15 p.m. | 47\u00a0minutes ago \nDescription : Fedora Repository 3.8.1 allows path traversal when extracting uploaded archives (\"Zip Slip\"). A remote, authenticated attacker can upload a specially crafted archive that will extract an arbitrary JSP file to a location that can be executed by an unauthenticated GET request. Fedora Repository 3.8.1 was released on 2015-06-11 and is no longer maintained. Migrate to a currently supported version (6.5.1 as of 2025-01-23). \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-23T23:20:00.000000Z"}