[issue35909] Zip Slip Vulnerability

uhei3nn9 Wed, 06 Feb 2019 01:37:43 -0800


New submission from uhei3nn9 <uhei3...@mailbox.org>:


As has been discovered in 06.2018 the python library is affected by the zip 
slip vulbnerability (meaning code execution)

The affected section https://github.com/python/cpython/blob/3.7/Lib/tarfile.py 
has not been patched since then.

Therefore it seems python has not yet fixed this vulnerability.


Source:
https://github.com/snyk/zip-slip-vulnerability

----------
components: Library (Lib)
messages: 334910
nosy: uhei3nn9
priority: normal
severity: normal
status: open
title: Zip Slip Vulnerability
type: security
versions: Python 2.7, Python 3.4, Python 3.5, Python 3.6, Python 3.7, Python 3.8

_______________________________________
Python tracker <rep...@bugs.python.org>
<https://bugs.python.org/issue35909>
_______________________________________
_______________________________________________
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue35909] Zip Slip Vulnerability

Reply via email to