diff --git a/database/java/2020/7668.yaml b/database/java/2020/7668.yaml
new file mode 100644
index 0000000000..5cec4d425b
--- /dev/null
+++ b/database/java/2020/7668.yaml
@@ -0,0 +1,15 @@
+---
+cve: 2020-7668
+title: CVE in com.classactionpl.tz:zoneinfo-tz
+description: >
+    The ExtractTo function doesn't securely escape file paths in zip archives which include leading or non-leading "..". This allows an attacker to add or replace files system-wide.
+cvss_v2: 5.0
+references:
+  - https://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMUNKNWONCAETZ-570384
+affected:
+  - groupId: com.classactionpl.tz
+    artifactId: zoneinfo-tz
+    version:
+      []
+    fixedin:
+      - ">=1.0.1"
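Review bot: The `affected` entry names the Maven artifact `com.classactionpl.tz:zoneinfo-tz`, but the only reference is a Snyk id in the `SNYK-GOLANG-…` namespace and the description is about an `ExtractTo` function handling zip archives, so this record looks like it may have been matched to the wrong ecosystem; confirm it against the upstream advisory before it is merged. As written, `version: []` lists no affected range while `fixedin` claims `>=1.0.1`, so depending on how consumers treat an empty list the entry either never matches or is rejected as malformed. If the mapping is confirmed, fill `version` with the affected range taken from the advisory and add a reference that names the Java artifact; if it is not, the file should be dropped rather than shipped as a false positive. The generic `title: CVE in ...` would also read better as a short statement of the flaw (arbitrary file write via archive extraction).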