2023-01-10 00:00:00
mitre
PUBLISHED
Zip4j through 2.11.2, as used in Threema and other products, does not always check the MAC when decrypting a ZIP archive.