zip4j 1.3.3 does not exist

Question

Closed this issue 6 years ago · 1 comments

The README says that the zip4j library fixes this vulnerability in its version '1.3.3'.

But this version is not available in the maven repository (https://mvnrepository.com/artifact/net.lingala.zip4j/zip4j) and the linked jar in the developer's page is almost empty (783 bytes) (http://www.lingala.net/zip4j/download.php)

Answer 1 · 2019-05-19T06:35:18.000Z

Version 1.3.3 with Zip slip fix is now available in maven repository