Zip Slip Vulnerability Advisory
On 5th June 2018 Snyk Security team disclosed a Zip Slip vulnerability, which could result in potential command execution using a specially crafted archive that holds directory traversal filenames . Reference: https://snyk.io/research/zip-slip-vulnerability Description Attackers could use a specially crafted archive holding directory traversal filenames (e.g. ../../evil.sh) to trigger this vulnerability. Once a vulnerable code database […]