We use cookies to ensure you get the best experience on our website.Read moreRead moreGot it

close
  • Products
    • Products
      • Snyk Open Source
        Avoid vulnerable dependencies
      • Snyk Code
        Secure your code as it’s written
      • Snyk Container
        Keep your base images secure
      • Snyk Infrastructure as Code
        Fix misconfigurations in the cloud
    • Platform
      • What is Snyk?
        See Snyk’s developer-first security platform in action
      • Developer Security Platform
        Secure all the components of the modern cloud native application in a single platform
      • Security Intelligence
        Access our comprehensive vulnerability data to help your own security systems
      • License Compliance Management
        Manage open source license usage in your projects
    • Self-paced security education with Snyk Learn
  • Resources
    • Using Snyk
      • Documentation
      • Vulnerability intelligence
      • Product training
      • Customer success
      • Support portal & FAQ’s
    • learn & connect
      • Blog
      • Community
      • Events & webinars
      • DevSecOps hub
      • Developer & security resources
    • Self-paced security education with Snyk Learn
  • Company
    • About Snyk
    • Customers
    • Partners
    • Newsroom
    • Snyk Impact
    • Contact us
    • Jobs at Snyk We are hiring
  • Pricing
Log inBook a demoSign up
All articles
  • Application Security
  • Cloud Native Security
  • DevSecOps
  • Engineering
  • Partners
  • Snyk Team
  • Show more
    • Vulnerabilities
    • Product
    • Ecosystems
Zip Slip Vulnerability Cheat Sheet
DevSecOps

Zip Slip Vulnerability Cheat Sheet

Simon MapleJune 28, 2018

Zip Slip Vulnerability Cheat Sheet

DOWNLOAD THE CHEAT SHEET!

Following our last two cheat sheets on Local Type Inference in Java and GitHub Security best practices, I’m pleased to continue our series of handy, printable, cheat sheets with a more specific security vulnerability that has affected many thousands of applications. This month’s cheat sheet focuses on the Zip Slip vulnerability. On 5th June 2018, after months of research work with many very well known archive management libraries and projects, we publicly disclosed an Arbitrary File Overwrite vulnerability, dubbed Zip Slip. The vulnerability has manifested itself many times over several decades, but recently has become much more prevalent in high profile codebases across many eco-systems.

Zip Slip is a form of a Directory Traversal that can be exploited by extracting files from an archive. The premise of the Directory Traversal vulnerability is that an attacker can gain access to parts of the file system outside of the target folder in which they should reside. The attacker can then overwrite executable files and either invoke them remotely or wait for the system or user to call them, thus achieving Remote Command Execution on the victim’s machine. The vulnerability can also cause damage by overwriting configuration files or other sensitive resources, and can be exploited on both client (user) machines and servers.

To see an example exploit of this vulnerability, watch the short video below showing how sensitive files might be overwritten, leading to Remote Code Execution:

This cheat sheet covers four of the main ecosystems that were most affected by the Zip Slip vulnerability. For each ecosystem, we show example vulnerable code snippets, followed by validation code that can fix this issue. Rather than duplicate here all of the content we put together about this vulnerability, it’s better to direct you straight to our research and GitHub repo:

Zip Slip Research page – Contains background information about Zip Slip as well as information about Directory Traversal attacks in general. Covers what an exploitable application flow might look like, and what you can do to see if you are vulnerable. Also looks through example vulnerable code snippets for all ecosystems we researched as well as suggested sample validation code.

Zip Slip Community repo – For the latest status on Zip Slip-vulnerable libraries, or to contribute by adding or updating vulnerable codebases, head on over to our community GitHub repo and submit a PR!

Snyk helps you find and fix known vulnerabilities in your dependencies. To get started for free, head over to our sign up page and test your application to see if you’re vulnerable to Zip Slip or any other known vulnerabilities.

DOWNLOAD THE CHEAT SHEET!

Log4Shell resource center

We’ve created an extensive library of Log4Shell resources to help you understand, find and fix this Log4j vulnerability.

Browse Resources
Footer Wave Top
Patch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo Segment
Develop Fast.
Stay Secure.
Snyk|Open Source Security Platform
Sign up for freeBook a demo

Product

  • Developers & DevOps
  • Vulnerability database
  • Pricing
  • Test with GitHub
  • API status
  • IDE plugins
  • What is Snyk?

Resources

  • Snyk Learn
  • Blog
  • Security fundamentals
  • Resources for security leaders
  • Documentation
  • Snyk API
  • Disclosed vulnerabilities
  • Open Source Advisor
  • FAQs
  • Website scanner
  • Japanese site
  • Audit services
  • Web stories

Company

  • About
  • Snyk Impact
  • Customers
  • Jobs at Snyk
  • Snyk for government
  • Legal terms
  • Privacy
  • Press kit
  • Events
  • Security and trust
  • Do not sell my personal information

Connect

  • Book a demo
  • Contact us
  • Support
  • Report a new vuln

Security

  • JavaScript Security
  • Container Security
  • Kubernetes Security
  • Application Security
  • Open Source Security
  • Cloud Security
  • Secure SDLC
  • Cloud Native Security
  • Secure coding
  • Python Code Examples
  • JavaScript Code Examples
Snyk|Open Source Security Platform

Snyk is a developer security platform. Integrating directly into development tools, workflows, and automation pipelines, Snyk makes it easy for teams to find, prioritize, and fix security vulnerabilities in code, dependencies, containers, and infrastructure as code. Supported by industry-leading application and security intelligence, Snyk puts security expertise in any developer's toolkit.

Resources

  • Snyk Learn
  • Blog
  • Security fundamentals
  • Resources for security leaders
  • Documentation
  • Snyk API
  • Disclosed vulnerabilities
  • Open Source Advisor
  • FAQs
  • Website scanner
  • Japanese site
  • Audit services
  • Web stories

Track our development

© 2022 Snyk Limited
Registered in England and Wales
Company number: 09677925
Registered address: Highlands House, Basingstoke Road, Spencers Wood, Reading, Berkshire, RG7 1NT.
Footer Wave Bottom