[FELIX-5870] Handle relative path elements in bundle classpath - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: framework-5.6.10
Fix Version/s: framework-6.0.0
Component/s: Framework
Labels:
None

Description

We have to handle relative path elements in the bundle classpath to make sure we are not allowing entries to be unpacked outside of the bundle cache:

https://res.cloudinary.com/snyk/image/upload/v1528192501/zip-slip-vulnerability/technical-whitepaper.pdf

Attachments

Activity

People

Assignee:: Karl Pauls

Reporter:: Karl Pauls

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 15/Jun/18 14:01

Updated:: 09/Jul/18 10:31

Resolved:: 15/Jun/18 14:03