March 16, 2023 at 11:47AM

■□□□□ CVE-2023-22899: Zip4j through 2.11.2, as used in Threema and other products, does not always check the MAC when decrypting a ZIP archive.

https://t.me/cKure/12210

Rating (of articles):
●○○○○ = Ignorable
●●○○○ = Average
●●●○○ = Good
●●●●○ = Very Good
●●●●● = Excellent
None  = Top-Class

 i@ckure.esy.es