CVE-2025-0851

Published: Jan 29, 2025
Updated: Aug 11, 2025
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2025-0851" target="_blank" rel="noopener"> CVE-2025-0851
GHSA: <a href="https://github.com/advisories/GHSA-jcrp-x7w3-ffmg" target="_blank" rel="noopener"> GHSA-jcrp-x7w3-ffmg
Severity: Critical
Exploit:

A path traversal issue in ZipUtils.unzip and TarUtils.untar in Deep Java Library (DJL) on all platforms allows a bad actor to write files to arbitrary locations.