Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Check for file path when extracting the archive
This vulnerability is present in many open-source projects because the particular code snippet has been copy-pasted from project to project. It's not a critical issue for frontend-maven-plugin, because there is no viable attack vector that would be closed by this patch. But the code here is patched anyways, so that people who copy-paste the code will have a patched copy of it. The vulnerability was found by Snyk Security Research Team.
- Loading branch information