Zip Slip: a form of directory traversal that can be exploited by extracting files from an archive
In Summary : Zip Slip is a widespread arbitrary file overwrite critical vulnerability, which typically results in remote command executi...
https://updatesinfosec.blogspot.com/2018/06/zip-slip-form-of-directory-traversal.html
In Summary :
Zip Slip is a widespread arbitrary file overwrite critical vulnerability, which typically results in remote command execution. It was discovered and responsibly disclosed by the Snyk Security team ahead of a public disclosure on 5th June 2018, and affects thousands of projects, including ones from HP, Amazon, Apache, Pivotal and many more (CVEs and full list here) . Of course, this type of vulnerability has existed before, but recently it has manifested itself in a much larger number of projects and libraries. [...]
kindly refer the following link as follow up :
https://ift.tt/2syq9ei
Zip Slip is a widespread arbitrary file overwrite critical vulnerability, which typically results in remote command execution. It was discovered and responsibly disclosed by the Snyk Security team ahead of a public disclosure on 5th June 2018, and affects thousands of projects, including ones from HP, Amazon, Apache, Pivotal and many more (CVEs and full list here) . Of course, this type of vulnerability has existed before, but recently it has manifested itself in a much larger number of projects and libraries. [...]
kindly refer the following link as follow up :
https://ift.tt/2syq9ei
