# [HIGH] Behind the disclosure: the Zip Slip vulnerability

**Source:** Snyk
**Published:** 2018-08-15
**Article:** https://snyk.io/blog/behind-the-disclosure-the-zip-slip-vulnerability/

## Threat Profile

Snyk Blog In this article
Written by Simon Maple 
Danny Grander 
August 15, 2018
0 mins read In June 2018, the Snyk research team found many exploitable instances of the Zip Slip vulnerability in various ecosystems that affected thousands of applications. This kind of wide reaching vulnerability requires a well thought out private disclosure process so that vulnerable libraries and projects are warned about their exposure before public disclosures are made. But how does one find, fix and disclos…

## Indicators of Compromise (high-fidelity only)

- **CVE:** `CVE-2018-8008`
- **CVE:** `CVE-2018-8009`

## MITRE ATT&CK Techniques

- **T1190** — Exploit Public-Facing Application

## Kill chain phases observed

_(none detected from narrative keywords)_

## Recommended hunts

### IOC-driven hunts (use shared templates)

These are standard IOC-substitution hunts — the canonical SPL and KQL live once in [`_TEMPLATES.md`](../_TEMPLATES.md), so we don't repeat the same boilerplate on every CVE / hash / network-IOC briefing.

- **Asset exposure — vulnerability matches article CVE(s)** ([template](../_TEMPLATES.md#asset-exposure)) — phase: **recon**, confidence: **High**
  - CVE(s): `CVE-2018-8008`, `CVE-2018-8009`


## Why this matters

Severity classified as **HIGH** based on: CVE present, 1 use case(s) fired, 1 technique(s) inferred. Read the full article for actor attribution, tooling details, and any defanged IOCs in the body that aren't visible in the RSS summary.