René's URL Explorer Experiment


Title: Introduced protections against "zip slip" attacks by pixeebot[bot] · Pull Request #25 · Pixee-Bot-Java/airbyte-platform · GitHub

Open Graph Title: Introduced protections against "zip slip" attacks by pixeebot[bot] · Pull Request #25 · Pixee-Bot-Java/airbyte-platform

X Title: Introduced protections against "zip slip" attacks by pixeebot[bot] · Pull Request #25 · Pixee-Bot-Java/airbyte-platform

Description: The platform that powers Airbyte. Please file issues in https://github.com/airbytehq/airbyte - Introduced protections against "zip slip" attacks by pixeebot[bot] · Pull Request #25 · Pixee-Bot-Java/airbyte-platform

Open Graph Description: This change updates all new instances of ZipInputStream to protect against malicious entries that attempt to escape their "file root" and overwrite other files on the running filesystem. ...

X Description: This change updates all new instances of ZipInputStream to protect against malicious entries that attempt to escape their "file root" and overwrite other files on the running file...

Opengraph URL: https://github.com/Pixee-Bot-Java/airbyte-platform/pull/25

X: @github

direct link

Domain: patch-diff.githubusercontent.com

route-pattern/_view_fragments/voltron/pull_requests/show/:user_id/:repository/:id/pull_request_layout(.:format)
route-controllervoltron_pull_requests_fragments
route-actionpull_request_layout
fetch-noncev2:ecaee30f-378e-c0fe-1ef9-215c2031ce1a
current-catalog-service-hashae870bc5e265a340912cde392f23dad3671a0a881730ffdadd82f2f57d81641b
request-idA290:1501ED:16618EA:1C59A3C:69918228
html-safe-nonce2ab1286e62505ca343fe9b61dbfea490d67bff5a02af932c20e16a1eb1a0ab90
visitor-payloadeyJyZWZlcnJlciI6IiIsInJlcXVlc3RfaWQiOiJBMjkwOjE1MDFFRDoxNjYxOEVBOjFDNTlBM0M6Njk5MTgyMjgiLCJ2aXNpdG9yX2lkIjoiMzg5Njg0MTQwODczMzA4NjI0OCIsInJlZ2lvbl9lZGdlIjoiaWFkIiwicmVnaW9uX3JlbmRlciI6ImlhZCJ9
visitor-hmacb4b74c71ddee014e78ae19ceae6abdcc8b42d11bfecf49db7f97b5d25a31cacf
hovercard-subject-tagpull_request:2744710679
github-keyboard-shortcutsrepository,pull-request-list,pull-request-conversation,pull-request-files-changed,copilot
google-site-verificationApib7-x98H0j5cPqHWwSMm6dNU4GmODRoqxLiDzdx9I
octolytics-urlhttps://collector.github.com/github/collect
analytics-location///voltron/pull_requests_fragments/pull_request_layout
fb:app_id1401488693436528
apple-itunes-appapp-id=1477376905, app-argument=https://github.com/_view_fragments/voltron/pull_requests/show/Pixee-Bot-Java/airbyte-platform/25/pull_request_layout
twitter:imagehttps://opengraph.githubassets.com/0f6494c49fe37916440ae25fd76cbd9773f4b9b216fe1020cf785f78ef17f10b/Pixee-Bot-Java/airbyte-platform/pull/25
twitter:cardsummary_large_image
og:imagehttps://opengraph.githubassets.com/0f6494c49fe37916440ae25fd76cbd9773f4b9b216fe1020cf785f78ef17f10b/Pixee-Bot-Java/airbyte-platform/pull/25
og:image:altThis change updates all new instances of ZipInputStream to protect against malicious entries that attempt to escape their "file root" and overwrite other files on the running filesystem. ...
og:image:width1200
og:image:height600
og:site_nameGitHub
og:typeobject
og:author:usernamepixeebot[bot]
hostnamegithub.com
expected-hostnamegithub.com
None42c603b9d642c4a9065a51770f75e5e27132fef0e858607f5c9cb7e422831a7b
turbo-cache-controlno-cache
go-importgithub.com/Pixee-Bot-Java/airbyte-platform git https://github.com/Pixee-Bot-Java/airbyte-platform.git
octolytics-dimension-user_id143516492
octolytics-dimension-user_loginPixee-Bot-Java
octolytics-dimension-repository_id801824639
octolytics-dimension-repository_nwoPixee-Bot-Java/airbyte-platform
octolytics-dimension-repository_publictrue
octolytics-dimension-repository_is_forktrue
octolytics-dimension-repository_parent_id592970656
octolytics-dimension-repository_parent_nwoairbytehq/airbyte-platform
octolytics-dimension-repository_network_root_id592970656
octolytics-dimension-repository_network_root_nwoairbytehq/airbyte-platform
turbo-body-classeslogged-out env-production page-responsive
disable-turbofalse
browser-stats-urlhttps://api.github.com/_private/browser/stats
browser-errors-urlhttps://api.github.com/_private/browser/errors
release848bc6032dcc93a9a7301dcc3f379a72ba13b96e
ui-targetfull
theme-color#1e2327
color-schemelight dark

Links:

Skip to contenthttps://patch-diff.githubusercontent.com/Pixee-Bot-Java/airbyte-platform/pull/25#start-of-content
https://patch-diff.githubusercontent.com/
Sign in https://patch-diff.githubusercontent.com/login?return_to=https%3A%2F%2Fgithub.com%2FPixee-Bot-Java%2Fairbyte-platform%2Fpull%2F25
GitHub CopilotWrite better code with AIhttps://github.com/features/copilot
GitHub SparkBuild and deploy intelligent appshttps://github.com/features/spark
GitHub ModelsManage and compare promptshttps://github.com/features/models
MCP RegistryNewIntegrate external toolshttps://github.com/mcp
ActionsAutomate any workflowhttps://github.com/features/actions
CodespacesInstant dev environmentshttps://github.com/features/codespaces
IssuesPlan and track workhttps://github.com/features/issues
Code ReviewManage code changeshttps://github.com/features/code-review
GitHub Advanced SecurityFind and fix vulnerabilitieshttps://github.com/security/advanced-security
Code securitySecure your code as you buildhttps://github.com/security/advanced-security/code-security
Secret protectionStop leaks before they starthttps://github.com/security/advanced-security/secret-protection
Why GitHubhttps://github.com/why-github
Documentationhttps://docs.github.com
Bloghttps://github.blog
Changeloghttps://github.blog/changelog
Marketplacehttps://github.com/marketplace
View all featureshttps://github.com/features
Enterpriseshttps://github.com/enterprise
Small and medium teamshttps://github.com/team
Startupshttps://github.com/enterprise/startups
Nonprofitshttps://github.com/solutions/industry/nonprofits
App Modernizationhttps://github.com/solutions/use-case/app-modernization
DevSecOpshttps://github.com/solutions/use-case/devsecops
DevOpshttps://github.com/solutions/use-case/devops
CI/CDhttps://github.com/solutions/use-case/ci-cd
View all use caseshttps://github.com/solutions/use-case
Healthcarehttps://github.com/solutions/industry/healthcare
Financial serviceshttps://github.com/solutions/industry/financial-services
Manufacturinghttps://github.com/solutions/industry/manufacturing
Governmenthttps://github.com/solutions/industry/government
View all industrieshttps://github.com/solutions/industry
View all solutionshttps://github.com/solutions
AIhttps://github.com/resources/articles?topic=ai
Software Developmenthttps://github.com/resources/articles?topic=software-development
DevOpshttps://github.com/resources/articles?topic=devops
Securityhttps://github.com/resources/articles?topic=security
View all topicshttps://github.com/resources/articles
Customer storieshttps://github.com/customer-stories
Events & webinarshttps://github.com/resources/events
Ebooks & reportshttps://github.com/resources/whitepapers
Business insightshttps://github.com/solutions/executive-insights
GitHub Skillshttps://skills.github.com
Documentationhttps://docs.github.com
Customer supporthttps://support.github.com
Community forumhttps://github.com/orgs/community/discussions
Trust centerhttps://github.com/trust-center
Partnershttps://github.com/partners
GitHub SponsorsFund open source developershttps://github.com/sponsors
Security Labhttps://securitylab.github.com
Maintainer Communityhttps://maintainers.github.com
Acceleratorhttps://github.com/accelerator
Archive Programhttps://archiveprogram.github.com
Topicshttps://github.com/topics
Trendinghttps://github.com/trending
Collectionshttps://github.com/collections
Enterprise platformAI-powered developer platformhttps://github.com/enterprise
GitHub Advanced SecurityEnterprise-grade security featureshttps://github.com/security/advanced-security
Copilot for BusinessEnterprise-grade AI featureshttps://github.com/features/copilot/copilot-business
Premium SupportEnterprise-grade 24/7 supporthttps://github.com/premium-support
Pricinghttps://github.com/pricing
Search syntax tipshttps://docs.github.com/search-github/github-code-search/understanding-github-code-search-syntax
documentationhttps://docs.github.com/search-github/github-code-search/understanding-github-code-search-syntax
Sign in https://patch-diff.githubusercontent.com/login?return_to=https%3A%2F%2Fgithub.com%2FPixee-Bot-Java%2Fairbyte-platform%2Fpull%2F25
Sign up https://patch-diff.githubusercontent.com/signup?ref_cta=Sign+up&ref_loc=header+logged+out&ref_page=%2F%3Cuser-name%3E%2F%3Crepo-name%3E%2Fvoltron%2Fpull_requests_fragments%2Fpull_request_layout&source=header-repo&source_repo=Pixee-Bot-Java%2Fairbyte-platform
Reloadhttps://patch-diff.githubusercontent.com/Pixee-Bot-Java/airbyte-platform/pull/25
Reloadhttps://patch-diff.githubusercontent.com/Pixee-Bot-Java/airbyte-platform/pull/25
Reloadhttps://patch-diff.githubusercontent.com/Pixee-Bot-Java/airbyte-platform/pull/25
Pixee-Bot-Java https://patch-diff.githubusercontent.com/Pixee-Bot-Java
airbyte-platformhttps://patch-diff.githubusercontent.com/Pixee-Bot-Java/airbyte-platform
airbytehq/airbyte-platformhttps://patch-diff.githubusercontent.com/airbytehq/airbyte-platform
Notifications https://patch-diff.githubusercontent.com/login?return_to=%2FPixee-Bot-Java%2Fairbyte-platform
Fork 0 https://patch-diff.githubusercontent.com/login?return_to=%2FPixee-Bot-Java%2Fairbyte-platform
Star 0 https://patch-diff.githubusercontent.com/login?return_to=%2FPixee-Bot-Java%2Fairbyte-platform
Code https://patch-diff.githubusercontent.com/Pixee-Bot-Java/airbyte-platform
Issues 1 https://patch-diff.githubusercontent.com/Pixee-Bot-Java/airbyte-platform/issues
Pull requests 1 https://patch-diff.githubusercontent.com/Pixee-Bot-Java/airbyte-platform/pulls
Actions https://patch-diff.githubusercontent.com/Pixee-Bot-Java/airbyte-platform/actions
Projects 0 https://patch-diff.githubusercontent.com/Pixee-Bot-Java/airbyte-platform/projects
Security 0 https://patch-diff.githubusercontent.com/Pixee-Bot-Java/airbyte-platform/security
Insights https://patch-diff.githubusercontent.com/Pixee-Bot-Java/airbyte-platform/pulse
Code https://patch-diff.githubusercontent.com/Pixee-Bot-Java/airbyte-platform
Issues https://patch-diff.githubusercontent.com/Pixee-Bot-Java/airbyte-platform/issues
Pull requests https://patch-diff.githubusercontent.com/Pixee-Bot-Java/airbyte-platform/pulls
Actions https://patch-diff.githubusercontent.com/Pixee-Bot-Java/airbyte-platform/actions
Projects https://patch-diff.githubusercontent.com/Pixee-Bot-Java/airbyte-platform/projects
Security https://patch-diff.githubusercontent.com/Pixee-Bot-Java/airbyte-platform/security
Insights https://patch-diff.githubusercontent.com/Pixee-Bot-Java/airbyte-platform/pulse
pixeebot[bot]https://patch-diff.githubusercontent.com/pixeebot[bot]
mainhttps://patch-diff.githubusercontent.com/Pixee-Bot-Java/airbyte-platform/tree/main
pixeebot/drip-2025-08-14-pixee-java/harden-zip-entry-pathshttps://patch-diff.githubusercontent.com/Pixee-Bot-Java/airbyte-platform/tree/pixeebot/drip-2025-08-14-pixee-java/harden-zip-entry-paths
Conversationhttps://patch-diff.githubusercontent.com/Pixee-Bot-Java/airbyte-platform/pull/25
Commits1 (1)https://patch-diff.githubusercontent.com/Pixee-Bot-Java/airbyte-platform/pull/25/commits
Checkshttps://patch-diff.githubusercontent.com/Pixee-Bot-Java/airbyte-platform/pull/25/checks
Files changedhttps://patch-diff.githubusercontent.com/Pixee-Bot-Java/airbyte-platform/pull/25/files
Introduced protections against "zip slip" attackshttps://patch-diff.githubusercontent.com/Pixee-Bot-Java/airbyte-platform/pull/25#top
pixeebot[bot]https://patch-diff.githubusercontent.com/pixeebot[bot]
mainhttps://patch-diff.githubusercontent.com/Pixee-Bot-Java/airbyte-platform/tree/main
pixeebot/drip-2025-08-14-pixee-java/harden-zip-entry-pathshttps://patch-diff.githubusercontent.com/Pixee-Bot-Java/airbyte-platform/tree/pixeebot/drip-2025-08-14-pixee-java/harden-zip-entry-paths
https://patch-diff.githubusercontent.com/apps/pixeebot
pixeebothttps://patch-diff.githubusercontent.com/apps/pixeebot
Aug 14, 2025https://patch-diff.githubusercontent.com/Pixee-Bot-Java/airbyte-platform/pull/25#issue-3320565286
ZipInputStreamhttps://docs.oracle.com/en/java/javase/17/docs/api/java.base/java/util/zip/ZipInputStream.html
everyhttps://stackoverflow.com/a/23870468
piecehttps://stackoverflow.com/a/51285801
zip-processinghttps://kodejava.org/how-do-i-decompress-a-zip-file-using-zipinputstream/
findhttps://www.tabnine.com/code/java/classes/java.util.zip.ZipInputStream
Internethttps://www.baeldung.com/java-compress-and-uncompress
https://cwe.mitre.org/data/definitions/23https://cwe.mitre.org/data/definitions/23
https://snyk.io/research/zip-slip-vulnerabilityhttps://snyk.io/research/zip-slip-vulnerability
https://github.com/snyk/zip-slip-vulnerabilityhttps://github.com/snyk/zip-slip-vulnerability
https://wiki.sei.cmu.edu/confluence/display/java/IDS04-J.+Safely+extract+files+from+ZipInputStreamhttps://wiki.sei.cmu.edu/confluence/display/java/IDS04-J.+Safely+extract+files+from+ZipInputStream
https://vulncat.fortify.com/en/detail?id=desc.dataflow.java.path_manipulation_zip_entry_overwritehttps://vulncat.fortify.com/en/detail?id=desc.dataflow.java.path_manipulation_zip_entry_overwrite
Feedbackhttps://ask.pixee.ai/feedback
Communityhttps://pixee-community.slack.com/signup#/domain-signup
Docshttps://docs.pixee.ai/
https://camo.githubusercontent.com/209d2b086e67489943561230dcbf55d104a7b82cf541061a049703a570d72d4a/68747470733a2f2f64317a6165737361326870736d6a2e636c6f756466726f6e742e6e65742f706978656c2f76312f747261636b3f77726974654b65793d32504934336a4e6d376174597641754b37724a557a334b63643641266576656e743d445249505f505225374350697865652d426f742d4a617661253246616972627974652d706c6174666f726d25374361643737653733356533663164613661346438663232373433613438333962343331363764353630
Please reload this pagehttps://patch-diff.githubusercontent.com/Pixee-Bot-Java/airbyte-platform/pull/25
https://patch-diff.githubusercontent.com/apps/pixeebot
Introduced protections against "zip slip" attackshttps://patch-diff.githubusercontent.com/Pixee-Bot-Java/airbyte-platform/pull/25/commits/ad77e735e3f1da6a4d8f22743a4839b43167d560
ad77e73https://patch-diff.githubusercontent.com/Pixee-Bot-Java/airbyte-platform/pull/25/commits/ad77e735e3f1da6a4d8f22743a4839b43167d560
https://patch-diff.githubusercontent.com/apps/pixeebot
pixeebothttps://patch-diff.githubusercontent.com/apps/pixeebot
Aug 14, 2025 https://patch-diff.githubusercontent.com/Pixee-Bot-Java/airbyte-platform/pull/25#ref-issue-2313904699
🧚🤖 Pixeebot Activity Dashboard #3 https://patch-diff.githubusercontent.com/Pixee-Bot-Java/airbyte-platform/issues/3
https://patch-diff.githubusercontent.com/apps/sonarqubecloud
sonarqubecloudhttps://patch-diff.githubusercontent.com/apps/sonarqubecloud
Aug 14, 2025https://patch-diff.githubusercontent.com/Pixee-Bot-Java/airbyte-platform/pull/25#issuecomment-3186610826
https://sonarcloud.io/dashboard?id=Pixee-Bot-Java_airbyte-platform&pullRequest=25
https://camo.githubusercontent.com/6cc27951a82703bd6a32deed62ec92af84fc495762ca86bc7af5a3ac490c7bda/68747470733a2f2f736f6e6172736f757263652e6769746875622e696f2f736f6e6172636c6f75642d6769746875622d7374617469632d7265736f75726365732f76322f636f6d6d6f6e2f7061737365642d313670782e706e67
0 New issueshttps://sonarcloud.io/project/issues?id=Pixee-Bot-Java_airbyte-platform&pullRequest=25&issueStatuses=OPEN,CONFIRMED&sinceLeakPeriod=true
https://camo.githubusercontent.com/5ad34d7e6f2a5aa0d644209f46bb24fba00f31f704923ce46fe8434f94917f73/68747470733a2f2f736f6e6172736f757263652e6769746875622e696f2f736f6e6172636c6f75642d6769746875622d7374617469632d7265736f75726365732f76322f636f6d6d6f6e2f61636365707465642d313670782e706e67
0 Accepted issueshttps://sonarcloud.io/project/issues?id=Pixee-Bot-Java_airbyte-platform&pullRequest=25&issueStatuses=ACCEPTED
https://camo.githubusercontent.com/6cc27951a82703bd6a32deed62ec92af84fc495762ca86bc7af5a3ac490c7bda/68747470733a2f2f736f6e6172736f757263652e6769746875622e696f2f736f6e6172636c6f75642d6769746875622d7374617469632d7265736f75726365732f76322f636f6d6d6f6e2f7061737365642d313670782e706e67
0 Security Hotspotshttps://sonarcloud.io/project/security_hotspots?id=Pixee-Bot-Java_airbyte-platform&pullRequest=25&issueStatuses=OPEN,CONFIRMED&sinceLeakPeriod=true
https://camo.githubusercontent.com/6cc27951a82703bd6a32deed62ec92af84fc495762ca86bc7af5a3ac490c7bda/68747470733a2f2f736f6e6172736f757263652e6769746875622e696f2f736f6e6172636c6f75642d6769746875622d7374617469632d7265736f75726365732f76322f636f6d6d6f6e2f7061737365642d313670782e706e67
0.0% Coverage on New Codehttps://sonarcloud.io/component_measures?id=Pixee-Bot-Java_airbyte-platform&pullRequest=25&metric=new_coverage&view=list
https://camo.githubusercontent.com/6cc27951a82703bd6a32deed62ec92af84fc495762ca86bc7af5a3ac490c7bda/68747470733a2f2f736f6e6172736f757263652e6769746875622e696f2f736f6e6172636c6f75642d6769746875622d7374617469632d7265736f75726365732f76322f636f6d6d6f6e2f7061737365642d313670782e706e67
0.0% Duplication on New Codehttps://sonarcloud.io/component_measures?id=Pixee-Bot-Java_airbyte-platform&pullRequest=25&metric=new_duplicated_lines_density&view=list
See analysis details on SonarQube Cloudhttps://sonarcloud.io/dashboard?id=Pixee-Bot-Java_airbyte-platform&pullRequest=25
Please reload this pagehttps://patch-diff.githubusercontent.com/Pixee-Bot-Java/airbyte-platform/pull/25
https://github.co/hiddenchars
https://patch-diff.githubusercontent.com/Pixee-Bot-Java/airbyte-platform/pull/{{ revealButtonHref }}
Sign up for freehttps://patch-diff.githubusercontent.com/join?source=comment-repo
Sign in to commenthttps://patch-diff.githubusercontent.com/login?return_to=https%3A%2F%2Fgithub.com%2FPixee-Bot-Java%2Fairbyte-platform%2Fpull%2F25
Please reload this pagehttps://patch-diff.githubusercontent.com/Pixee-Bot-Java/airbyte-platform/pull/25
https://github.com
Termshttps://docs.github.com/site-policy/github-terms/github-terms-of-service
Privacyhttps://docs.github.com/site-policy/privacy-policies/github-privacy-statement
Securityhttps://github.com/security
Statushttps://www.githubstatus.com/
Communityhttps://github.community/
Docshttps://docs.github.com/
Contacthttps://support.github.com?tags=dotcom-footer

Viewport: width=device-width

URLs of crawlers that visited me.