You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@maven.apache.org by hb...@apache.org on 2018/06/06 21:04:06 UTC
[maven-site] branch master updated: added link to research
This is an automated email from the ASF dual-hosted git repository.
hboutemy pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/maven-site.git
The following commit(s) were added to refs/heads/master by this push:
new aa367fd added link to research
aa367fd is described below
commit aa367fd6fef0f871439eff0be11292744f3587a2
Author: Hervé Boutemy <hb...@apache.org>
AuthorDate: Wed Jun 6 23:03:58 2018 +0200
added link to research
---
content/markdown/security-plexus-archiver.md | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/content/markdown/security-plexus-archiver.md b/content/markdown/security-plexus-archiver.md
index 257d640..e9486e0 100644
--- a/content/markdown/security-plexus-archiver.md
+++ b/content/markdown/security-plexus-archiver.md
@@ -1,6 +1,7 @@
# Zip Slip Vulnerability
-As part of a broader research, the Snyk Security Research Team discovered
+As part of [a broader research](https://snyk.io/research/zip-slip-vulnerability),
+the Snyk Security Research Team discovered
an arbitrary file write generic vulnerability, that can be achieved using a
specially crafted zip (or bzip2, gzip, tar, xz, war) archive, that holds
path traversal filenames. So when the filename gets concatenated to the
--
To stop receiving notification emails like this one, please contact
hboutemy@apache.org.