‘Zip Slip’ Vulnerability Affects Thousands of Projects Across Many Ecosystems

By [email protected] (Swati Khandelwal) Security researchers at British software firm Snyk have revealed details of a critical vulnerability that affects thousands of projects across many ecosystems and can be exploited by attackers to achieve code execution on the target systems.

Dubbed “Zip Slip,” the issue is an arbitrary file overwrite vulnerability that triggers from a directory traversal attack while extracting files from an

Via:: ‘Zip Slip’ Vulnerability Affects Thousands of Projects Across Many Ecosystems