com.github.junrar:junrar (Maven) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the Maven package com.github.junrar:junrar, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (4)
CVE-2022-23596 — CVSS 7.5 (high): Junrar is an open source java RAR archive library. In affected versions A carefully crafted RAR archive can trigger an infinite loop while…
CVE-2026-28208 — CVSS 5.9 (medium): Junrar is an open source java RAR archive library. Prior to version 7.5.8, a backslash path traversal vulnerability in…
CVE-2026-41245 — CVSS 5.9 (medium): Junrar is an open source java RAR archive library. Prior to version 7.5.10, a path traversal vulnerability in `LocalFolderExtractor` allows…
CVE-2018-12418 — CVSS 5.5 (medium): Archive.java in Junrar before 1.0.1, as used in Apache Tika and other products, is affected by a denial of service vulnerability due to an…