This issue tracker has been migrated to GitHub,
and is currently read-only.
For more information,
see the GitHub FAQs in the Python's Developer Guide.
Created on 2020-01-15 09:57 by vstinner, last changed 2022-04-11 14:59 by admin. This issue is now closed.
Files | ||||
---|---|---|---|---|
File name | Uploaded | Description | Edit | |
create_zip.py | vstinner, 2020-01-15 09:58 | |||
poc.py | vstinner, 2020-01-15 10:00 | |||
malicious.zip | vstinner, 2020-01-15 10:00 |
History | |||
---|---|---|---|
Date | User | Action | Args |
2022-04-11 14:59:25 | admin | set | github: 83522 |
2020-02-10 07:59:22 | vstinner | set | status: open -> closed superseder: [security] CVE-2019-9674: Zip Bomb vulnerability messages: + msg361672 resolution: duplicate stage: resolved |
2020-01-15 13:18:10 | vstinner | set | messages: + msg360053 |
2020-01-15 12:01:19 | serhiy.storchaka | set | messages: + msg360045 |
2020-01-15 10:15:58 | xtreak | set | nosy:
+ xtreak, serhiy.storchaka messages: + msg360038 |
2020-01-15 10:12:31 | vstinner | set | messages: + msg360037 |
2020-01-15 10:06:21 | vstinner | set | messages: + msg360036 |
2020-01-15 10:00:52 | vstinner | set | nosy:
+ christian.heimes, rschiron title: zipfile: ZIP Bomb vulnerability, don't check announced uncompressed size -> [security] zipfile: ZIP Bomb vulnerability, don't check announced uncompressed size |
2020-01-15 10:00:34 | vstinner | set | files: + malicious.zip |
2020-01-15 10:00:24 | vstinner | set | files: + poc.py |
2020-01-15 09:58:21 | vstinner | set | files: + create_zip.py |
2020-01-15 09:57:18 | vstinner | create |