Severe security vulnerability in Bower’s zip archive extraction
7y agoen
Source
SnykSevere security vulnerability in Bower’s zip archive extractionsnyk.ioEarlier this month it was found that Bower, a popular web package manager, is vulnerable to archive extractions and currently, we can associate two security incidents with it, for which follow-up releases to address them are available
You might also wanna read
Critical 7-Zip vulnerability (CVE-8.8) enables code execution via crafted archive files; update to version 26.01 urged
A critical 8.8-rated CVE vulnerability has been discovered in the popular open-source archive utility 7-Zip. The flaw allows remote code exe
PyPI Implements New Security Measures to Prevent ZIP Parser Confusion Attacks
The Python Package Index (PyPI) is implementing new restrictions to safeguard Python package installers from ZIP parser confusion attacks. T
Analysis of 7-Zip vulnerabilities: CVE-2025-11001 and CVE-2025-11002
ThreatLocker·12d ago
Critical Vulnerability Discovery in Nix Package Manager Ecosystem
The article details how the author and a colleague discovered a critical vulnerability in the Nix package manager ecosystem that could have
Hacker uses Trojanized Python and PHP Packages to Steal AWS Keys
Packetlabs·4y ago
Arch Linux AUR hit by wave of malware-infected package descriptions
The Arch User Repository (AUR) is experiencing a large-scale attack where malicious actors have taken over hundreds of orphaned package desc

Comments
Sign in to join the conversation.
No comments yet. Be the first.