zip-slip
Safeguard articles tagged "zip-slip" — guides, analysis, and best practices for software supply chain and application security.
5 articles
Detecting and preventing Zip Slip and path traversal in Java
Snyk's 2018 Zip Slip disclosure hit Amazon, Apache, and LinkedIn projects at once — here's how the flaw still hides in Java archive code today, and how to catch it.
Zip Slip vulnerability cheat sheet
A concrete, question-driven cheat sheet on Zip Slip: how the archive-extraction path traversal bug works, real CVEs, and how to detect and fix it.
Zip Slip: archive extraction path traversal explained
Zip Slip lets malicious archives write files outside their extraction folder via ../ paths — how it works, real CVEs, and how to detect and fix it.
What is Zip Slip Vulnerability
Zip Slip lets attackers escape archive extraction via path traversal to overwrite files and gain code execution. Here's how it works and how to stop it.
Path Traversal in Dependency Installation: Writing Files Where They Should Not Go
Package archives can contain path traversal sequences that write files outside the expected directory. Most developers never check for this.