Zip Slip Vulnerability Affects Thousands of Projects Across Multiple Ecosystems

Discussion in '0-day Release' started by silversurfer, Jun 5, 2018.

  1. silversurfer

    silversurfer Malware Tester Silver Member

    Security researchers have disclosed today details about a critical vulnerability impacting open source coding libraries that handle archived files.

    Discovered by the researchers from Synk, the "Zip Slip" vulnerability is an issue in the way coders, plugins, and libraries have implemented the process of decompressing an archived file.

    Numerous archive formats, including tar, jar, war, cpio, apk, rar, and 7z, are affected, meaning this is more of a theoretical issue, rather than a specific coding bug.

    Full Article: https://www.bleepingcomputer.com/ne...sands-of-projects-across-multiple-ecosystems/
     
    Trim, jasonX and RGiskardR like this.
  2. Google Adsense

  3. jasonX

    jasonX Giveaways Moderator Staff Member

    And then there's another vulnerability! Tsk...soon all the freewares will be "paid" if bad people continue to attack them. Thanks for the share.
     
    silversurfer, Trim and RGiskardR like this.

Share This Page