关于[Prevent Zip Slip in .NET]的摘要:
In the previous post, I wrote about zip bombs. It was about not extracting files that are too big. One of the points of the previous post was about not trusting the zip entry headers. The vulnerability I'll explain in this post is quite the same. This time it's about the path traversal.
原文地址: https://www.meziantou.net/prevent-zip-slip-in-dotnet.htm