-
Bug
-
Resolution: Unresolved
-
Normal
-
None
-
4.14.z, 4.15.z, 4.17.z, 4.16.z, 4.18.0
-
None
-
False
-
Error from snyk code test command:
✗ [Medium] Path Traversal Path: hack/tools/deployment/deployment-update.go, line 118 Info: Unsanitized input from a CLI argument flows into os.ReadFile, where it is used as a path. This may result in a Path Traversal vulnerability and allow an attacker to read arbitrary files.
✗ [Medium] Path Traversal Path: hack/tools/deployment/deployment-update.go, line 137 Info: Unsanitized input from a CLI argument flows into os.WriteFile, where it is used as a path. This may result in a Path Traversal vulnerability and allow an attacker to write arbitrary files.
- clones
-
OCPBUGS-41935 Unsanitized input into IgnitionServer from HTTP header
- Closed
- is cloned by
-
OCPBUGS-41983 [SNYK] Unsanitized input from a CLI argument flows into os.WriteFile
- Closed