|Created||Fri Aug 2 13:45:31 2019|
It was found that icedtea-web was vulnerable to a zip-slip attack during auto-extraction of a JAR file. An attacker could use this flaw to write files to...
It was found that icedtea-web did not properly sanitize paths from <jar/> elements in JNLP files. An attacker could trick a victim into running a specially...
It was found that executable code could be injected in a JAR file without compromising the signature verification. An attacker could use this flaw to inject...