[VULN] Zip Bomb Vulnerability
asef18766 opened this issue · comments
asef18766 commented
Describe the bug
a vulnerability againest zip bomb
To Reproduce
Steps to reproduce the behavior:
- create a 10 GB image file with all bit filled with 1
- zip it
- send it to server
Expected behavior
return 400 as status code
Current Behavior
server crashed and denied connection , with no logs left available
Possible Solution
use unzip -l to check the decompressed size of file