snyk/zip-slip-vulnerability

Issues

• Add Joomla! (CVE-2022-23793)?

  #43 opened 3 years ago by EgidioRomano
  0

• how to add ../ in tar file

  #42 opened 3 years ago by mikelueng
  4

• Separate CVE for related symlink vulnerability?

  #41 opened 4 years ago by coolaj86
  0

• Reference to Python mitigation

  #4 opened 7 years ago by tirkarthi
  6

• zip4j links to vulnerable version

  #33 opened 5 years ago by dmurch-gresham
  2

• zip4j 1.3.3 does not exist

  #25 opened 6 years ago by j4rv
  1

• Kind of feature request: Providing other format samples

  #5 opened 7 years ago by s-stexx
  3

• Include previous work

  #31 opened 6 years ago by normanr
  1

• [Question:NOTANISSUE]: How to create a vulnerable zip-archive from unix commandline?

  #24 opened 6 years ago by sansstudent
  0

• How can I know which apps are *actually* affected?

  #23 opened 6 years ago by xori22
  0

• Also need to strip off leading `/` characters to sanitize zip entry paths

  #20 opened 6 years ago by lukehutch
  4

• Question: Does this affect rpms when run through rpm2cpio

  #17 opened 7 years ago by elv1s
  4

• java: link to updated Oracle documentation

  #18 opened 7 years ago by ecki
  2

• RubyZip 1.2.1 fix of an vulnerability

  #9 opened 7 years ago by glebglazov
  1

• repeat failed...

  #3 opened 7 years ago by ekko-zhao
  4

• Would be great to provide some guideline best practices for mitigation

  #8 opened 7 years ago by robross0606
  1