codeql icon indicating copy to clipboard operation
codeql copied to clipboard
verified publisher icon github

Python: Add modelling for `zstd.compression`

Open tausbn opened this issue 1 month ago • 0 comments

See https://docs.python.org/3/library/compression.zstd.html for information about this library.

As far as I can tell, the zstd library is not vulnerable to things like ZipSlip, but it could be vulnerable to a decompression bomb attack, so I extended those models accordingly.

tausbn avatar Dec 09 '25 22:12 tausbn