Tag
compression
Safeguard articles tagged "compression" — guides, analysis, and best practices for software supply chain and application security.
2 articles
Open Source
pako on npm: Security Review and Safe Usage of the zlib Port
pako is a fast JavaScript port of zlib used for gzip and deflate in the browser and Node. Here is its security profile and how to use it safely on untrusted compressed input.
May 6, 20255 min read
Software Supply Chain Security
Compression Library Vulnerabilities: From zlib to the xz Backdoor
Compression libraries are everywhere and trusted implicitly. The xz backdoor proved that trust can be weaponized. Here is the full picture.
Sep 22, 20226 min read