Skip to content
This repository has been archived by the owner on Jun 3, 2020. It is now read-only.

Handle ZipSlip vulnerability when processing ZipEntry names in a zip file #60

Open
bjhargrave opened this issue Mar 12, 2020 · 0 comments
Open

Handle ZipSlip vulnerability when processing ZipEntry names in a zip file #60

bjhargrave opened this issue Mar 12, 2020 · 0 comments
Labels
enhancement New feature or request

Comments

@bjhargrave
Copy link
Collaborator

See https://github.com/bndtools/bnd/blob/ea6b9b1d3e097a443d707a6623d8542044bf4c94/aQute.libg/src/aQute/lib/zip/ZipUtil.java#L29-L76 for a method to clean a zip entry name which fails upon a malformed zip entry name.
@tbitonti tbitonti added the enhancement New feature or request label Apr 14, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@bjhargrave @tbitonti