cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Exit
search
  • Global community
    • Language:
      • Deutsch
      • English
      • Español
      • Français
      • Português
  • 日本語コミュニティ
  • 한국 커뮤니티
0
Upvote

ZIP File Validation Issues in Adobe Package

PixelToPrint48
New Here ,
May 29, 2025 May 29, 2025

Dear Adobe Support Team,

 

I am reaching out to report an issue related to ZIP file validation in your software packages and to request your assistance in addressing it.

As part of a personal project aimed at mitigating ZIP-based vulnerabilities such as ZIP Slip, ZIP Bombs, and ZIP Filename Spoofing. I’ve implemented a set of validation tools to test ZIP and nested ZIP file structures. This effort is part of a broader goal to ensure software integrity and enhance security.

During testing, I prioritized software packages that commonly use ZIP for distribution. While the vast majority passed my validation checks, I encountered issues with Adobe’s package. Specifically, I identified two ZIP files that fail sanitization due to structural issues:

* 1\x64\js\node_modules\thread-stream\test\ts-commonjs-default-export.zip
* 1\x64\js\node_modules\thread-stream\test\dir with spaces\test-package.zip

These files appear to reside within test directories and do not seem essential to the runtime functionality of your software. However, their presence is currently blocking automated deployment validation in my environment.

To help resolve this issue and support secure deployment, I kindly request that Adobe consider one of the following actions for future package distributions:

1. Remove non-essential test ZIP files from distribution packages if they are not critical to software operation.
2. Ensure all included ZIP files are valid and conform to standard ZIP specifications, so they can pass common validation tools.

I understand that managing large-scale software packages is complex, and I sincerely appreciate the high standards Adobe maintains across its offerings. My intention is to collaborate toward a solution that ensures both security and functionality.

If you require more technical details about the validation process or the tools I am using, I would be happy to provide them. Please don’t hesitate to reach out if you’d like to discuss this further.

Thank you for your time and attention. I look forward to your response.

TOPICS
Bug
188
Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
replies 1 Reply 1
latest latest Jump to latest reply
Willi Adelberger Community Expert
Community Expert ,
May 29, 2025 May 29, 2025
LATEST

Where does InDesign create any ZIP file. After packaging I have to use a different program to create a ZIP.  

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Resources
Learn and Support
Adobe InDesign User Guide
Open in a new window
Adobe InDesign Learn and Support
Open in a new window
Get Started with InDesign
Open in a new window
Adobe InDesign | Common Questions
Open in a new window
Work with Photoshop files in InDesign
Open in a new window
Resources
Tutorials
Open in a new window
InDesign system requirements
Open in a new window
What's new InDesign
Open in a new window
Newsletters
Crash and Slow Performance
Crash on launch
Open in a new window
Slow Performance and Unexpected behaviors
Open in a new window
Known issues
Open in a new window
Copyright © 2025 Adobe. All rights reserved.
Using the Community Experience League Terms of Use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices