VulnerableCode Package Details - pkg:maven/com.jcraft/jsch@0.1.43-1

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:maven/com.jcraft/jsch@0.1.43-1

Essentials
History (4)

purl	pkg:maven/com.jcraft/jsch@0.1.43-1

Next non-vulnerable version	0.1.54
Latest non-vulnerable version	0.1.54
Risk	10.0

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-a7zz-d2w6-93ec Aliases: CVE-2016-5725 GHSA-q446-82vq-w674	Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Directory traversal vulnerability in JCraft JSch before 0.1.54 on Windows, when the mode is ChannelSftp.OVERWRITE, allows remote SFTP servers to write to arbitrary files via a ..\ (dot dot backslash) in a response to a recursive GET command.	0.1.54 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T21:50:00.716531+00:00	GitLab Importer	Affected by	VCID-a7zz-d2w6-93ec	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.jcraft/jsch/CVE-2016-5725.yml	38.4.0
2026-04-11T23:06:02.830620+00:00	GitLab Importer	Affected by	VCID-a7zz-d2w6-93ec	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.jcraft/jsch/CVE-2016-5725.yml	38.3.0
2026-04-02T23:14:17.207976+00:00	GitLab Importer	Affected by	VCID-a7zz-d2w6-93ec	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.jcraft/jsch/CVE-2016-5725.yml	38.1.0
2026-04-01T17:34:18.062718+00:00	GitLab Importer	Affected by	VCID-a7zz-d2w6-93ec	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.jcraft/jsch/CVE-2016-5725.yml	38.0.0