CVE-2025-0851
📋 TL;DR
A path traversal vulnerability in Deep Java Library's ZipUtils.unzip and TarUtils.untar functions allows attackers to write files to arbitrary locations on the filesystem. This affects all platforms running vulnerable versions of DJL. Applications using these functions to process untrusted archive files are at risk.
💻 Affected Systems
- Deep Java Library (DJL)
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Full system compromise via arbitrary file write leading to remote code execution, data exfiltration, or complete system takeover.
Likely Case
Arbitrary file overwrite leading to data corruption, privilege escalation, or denial of service.
If Mitigated
Limited impact if only trusted archives are processed and proper file permissions restrict write access.
🎯 Exploit Status
Exploitation requires the application to process a malicious archive file. No authentication needed if archive processing is exposed to untrusted users.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: v0.31.1
Vendor Advisory: https://github.com/deepjavalibrary/djl/security/advisories/GHSA-jcrp-x7w3-ffmg
Restart Required: Yes
Instructions:
1. Update the DJL dependency to version 0.31.1 or later.
2. Update pom.xml or build.gradle to specify the new version.
3. Rebuild and redeploy the application.
4. Restart any running services using the patched library.
🔧 Temporary Workarounds
Input validation and sanitization
Validate and sanitize archive file paths before processing to prevent directory traversal.
Sandbox archive extraction
Extract archives in isolated directories with restricted permissions.
🧯 If You Can't Patch
- Disable or restrict access to archive processing functionality
- Implement strict input validation to reject archives with path traversal sequences
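The check the workarounds above and the "reject archives with path traversal sequences" item describe, as an added example in Java that is not DJL's own code: a hypothetical SafeUnzip class resolves each entry name under the destination, normalizes it, and refuses any entry (absolute names included) that lands outside the destination before anything is written.

```java
import java.io.*;
import java.nio.charset.StandardCharsets;
import java.nio.file.*;
import java.util.zip.*;

public final class SafeUnzip {
    /** Resolve an entry name under dest; throw if the normalized result escapes dest. */
    static Path resolveEntry(Path dest, String entryName) throws IOException {
        Path base = dest.toAbsolutePath().normalize();
        Path target = base.resolve(entryName).normalize();
        // Path.startsWith compares whole components ("/out" is not a prefix of "/outside");
        // an absolute entry name resolves to itself and therefore also fails this check.
        if (entryName.isEmpty() || !target.startsWith(base)) {
            throw new IOException("archive entry escapes destination: " + entryName);
        }
        return target;
    }
    /** Extract in into dest, validating every entry name before any file is written. */
    static void unzip(InputStream in, Path dest) throws IOException {
        Files.createDirectories(dest);
        try (ZipInputStream zis = new ZipInputStream(in)) {
            for (ZipEntry e = zis.getNextEntry(); e != null; e = zis.getNextEntry()) {
                Path target = resolveEntry(dest, e.getName());
                if (e.isDirectory()) {
                    Files.createDirectories(target);
                } else {
                    Files.createDirectories(target.getParent());
                    Files.copy(zis, target, StandardCopyOption.REPLACE_EXISTING);
                }
            }
        }
    }
    public static void main(String[] args) throws IOException {
        // Constructed sample archive: one benign entry and one traversal entry.
        ByteArrayOutputStream buf = new ByteArrayOutputStream();
        try (ZipOutputStream zos = new ZipOutputStream(buf)) {
            for (String name : new String[] {"model/config.json", "../../outside.txt"}) {
                zos.putNextEntry(new ZipEntry(name));
                zos.write("{}".getBytes(StandardCharsets.UTF_8));
                zos.closeEntry();
            }
        }
        Path dest = Files.createTempDirectory("safe-unzip");
        try {
            unzip(new ByteArrayInputStream(buf.toByteArray()), dest);
        } catch (IOException ex) {
            System.out.println("rejected: " + ex.getMessage()); // the second entry is refused
        }
    }
}
```

Validation is per entry, so a rejected entry can leave earlier entries already extracted; pre-scan all names first if a partial tree is unacceptable. A tar extractor needs the same check and must additionally validate the targets of symbolic-link entries.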
🔍 How to Verify
Check if Vulnerable:
Check whether the DJL version is below 0.31.1 and whether the application passes untrusted archives to ZipUtils.unzip or TarUtils.untar.
Check Version:
Check build configuration files (pom.xml, build.gradle) for DJL dependency version.
Verify Fix Applied:
Confirm DJL version is 0.31.1 or higher and test archive processing with malicious path traversal payloads.
📡 Detection & Monitoring
Log Indicators:
- Unexpected file write operations outside expected extraction directories
- Archive processing errors with path traversal patterns
Network Indicators:
- Unusual archive file uploads to vulnerable endpoints
SIEM Query:
Look for file write events with paths containing '../' sequences in application logs.