Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Check] JavaScript: Path Traversal #421

Closed
4 tasks done
inkz opened this issue May 6, 2020 · 1 comment
Closed
4 tasks done

[Check] JavaScript: Path Traversal #421

inkz opened this issue May 6, 2020 · 1 comment
Assignees
@inkz
Labels
check lang:javascript
Milestone
Write Check Packs...

Comments

@inkz
Copy link
Member

inkz commented May 6, 2020
edited
Loading

Check Description
path traversal check inspired by
https://snyk.io/research/zip-slip-vulnerability
https://github.com/snyk/zip-slip-vulnerability

vulnerable code examples:
ZJONSSON/node-unzipper#59
cthackers/adm-zip#212

  • This ticket has links, references, or examples.
  • Your check has true positive and true negative test cases.
  • Your check has been labeled with true positive and false positive findings on at least 10 repositories, and the link is pasted in the ticket. If there are no findings, paste the triager link anyway.
  • Your check PR has been reviewed and merged.
    Now, close the ticket!
@inkz inkz added the check label May 6, 2020
@inkz inkz self-assigned this May 6, 2020
This was referenced May 6, 2020
Closed
Merged
@inkz inkz mentioned this issue Jun 20, 2020
Merged
@inkz
Copy link
Member Author

inkz commented Jun 23, 2020

https://dev.massive.ret2.co/jobs/1088

@inkz inkz closed this as completed Jun 23, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@inkz inkz

Labels
check lang:javascript
Milestone
Write Check Packs for Express (js) an...
Development

No branches or pull requests
1 participant
@inkz