[ home / random / search / manage ] [ overboard ] [ tech / v / crime / sci ] [ mu / lit / vis / tv / a ] [ pol / his / classics / cn ] [ b / biz / sp / fa / test ]

/tech/ - technology

technology, infosecurity, programming, internet culture and more.

Catalog

Name
Email
Subject
Comment *
File
* = required field[▶ Show post options & limits]
Confused? See the FAQ.
Options
Password (For file and post deletion.)

Allowed file types:jpg, jpeg, gif, png, webm, mp4
Max filesize is 5 MB.
Max image dimensions are 10000 x 10000.
You may upload 5 per post.


File: 1571476333844.png (7.59 KB, 150x150, 1:1)

 No.101

>Zip Slip is a widespread arbitrary file overwrite critical vulnerability, which typically results in remote command execution. It was discovered and responsibly disclosed by the Snyk Security team ahead of a public disclosure on 5th June 2018, and affects thousands of projects, including ones from HP, Amazon, Apache, Pivotal and many more (CVEs and full list here) . Of course, this type of vulnerability has existed before, but recently it has manifested itself in a much larger number of projects and libraries.

https://github.com/snyk/zip-slip-vulnerability

https://snyk.io/research/zip-slip-vulnerability



[Return][Go to top][Catalog][Post a Reply]
Delete Post [ ]
[]
[ home / random / search / manage ] [ overboard ] [ tech / v / crime / sci ] [ mu / lit / vis / tv / a ] [ pol / his / classics / cn ] [ b / biz / sp / fa / test ]