Open-Source Security: Zip Slip Critical Flaw Hits Thousands of Projects. Update Now

Full Article :

Linux.com - https://www.linux.com/news/open-source-security-zip-slip-critical-flaw-hits-thousands-projects-update-now-0

Security firm Snyk has disclosed a widespread and critical flaw in multiple archive file-extraction libraries found in thousands of open-source web application projects from HP, Amazon, Apache, Oracle, LinkedIn, Twitter and others.

As Snyk explains, some ecosystems, such as Java, don’t provide a central software library for fully unpacking archive files, leading developers to write their own code snippets to enable that functionality.

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: