Snyk Report - (decompress-tar@4.1.1), Arbitrary File Write via Archive Extraction (Zip Slip)

# This is a Bug(security) Report

## Description

Snyk (https://snyk.io/) is reporting a security issue with serverless-step-functions@3.15.0 due to a dependency on decompress@4.2.1 => decompress-tar@4.1.1

https://security.snyk.io/vuln/SNYK-JS-DECOMPRESSTAR-559095

## Additional Data
* ***Serverless Framework Core Version you're using***: 2.72.4
* ***The Plugin Version you're using***: 3.15.0
* ***Operating System***: windows/linux


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Snyk Report - ([email protected]), Arbitrary File Write via Archive Extraction (Zip Slip) #588

This is a Bug(security) Report

Description

Additional Data

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Snyk Report - ([email protected]), Arbitrary File Write via Archive Extraction (Zip Slip) #588

Description

This is a Bug(security) Report

Description

Additional Data

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions