-
Currently the standard library does not provide any "simple" helper to avoid `filepath.Join` path traversals. As a result, I've had to include similar functions in several projects:
* Docker has [s…
-
- Your Rocket.Chat.Android app version: ---
- Your Rocket.Chat.iOS app version: ---
- Your Rocket.Chat server version: ---
- Device model (or emulator) you're running with: Android
…
-
2019-04-24T00:38:31.314-0400 ClassGraph Finding nested classpath elements
2019-04-24T00:38:31.424-0400 ClassGraph -- Final classpath element order:
2019-04-24T00:38:31.424-0400 Cl…
-
The following [Snyk vulnerability feed](https://app.snyk.io/org/cds-snc/) should be included in the IRCC [upgrade.md](https://github.com/cds-snc/ircc-rescheduler/blob/master/docs/upgrade.md) process. …
ghost updated
6 years ago
-
Hi,
This module currently uses `unzipper` version 0.7.x which is known to be vulnerable to the recently disclosed Zip Slip `Arbitrary File Write via Archive Extraction (Zip Slip)` attack. Can you p…
-
Currently the `plexus-archiver` is at 2.8.1 which has the following know vulnerabilities:
* https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1002200
* https://cwe.mitre.org/data/definit…
-
CVE IDs (if any)
---------------------
CVE-2018-1002209
Other security advisory IDs (if any)
------------------------------------------------
MGASA-2018-0362
Patches (if any)
----------…
-
**Is this a request for help?**:
NO
**Is this a BUG REPORT or a FEATURE REQUEST?**:
BUG REPORT
**Version of Anchore Engine and Anchore CLI if applicable**:
```shell
$ anchore-cli --version
…
-
On Thu, Jul 19, 2018 at 8:10 AM Harold Dost wrote:
I have been reviewing libraries that our company uses. I first looked to the primary libraries which are mentioned in https://github.com/snyk/zip-s…
-
test this file.
https://github.com/snyk/zip-slip-vulnerability/blob/master/archives/zip-slip.zip
```
$unzip = new \Fuel\Core\Unzip();
$unzip->extract('/path/to/zip-slip.zip');
`…