RT @niconiconi: 【「掉链子」安全漏洞来袭!】安全研究人员曝光了 Zip Slip 漏洞,这一漏洞是广泛流传的不正确应用代码造成的,允许恶意压缩包 (tar, jar, rar, 7z, apk, ...) 任意覆盖文件,从而导致远程命令任意执行,并广泛存在于 JavaScript, Ruby, .NET, Go 等多种语言的程序库中,而且 Java 的问题格外严重。影响上千软件项目。立刻按照指示检查并修复你的应用程序!snyk.io/research/zip-slip-vuln

Sign in to participate in the conversation
Mastodon

Generalistic and moderated instance. All opinions are welcome, but hate speeches are prohibited. Users who don't respect rules will be silenced or suspended, depending on the violation severity.