OpenShift Bugs / OCPBUGS-41982

[SNYK] Unsanitized input from a CLI argument flows into os.ReadFile and os.WriteFile

    • Bug
    • Resolution: Unresolved
    • Normal
    • 4.14.z, 4.15.z, 4.17.z, 4.16.z, 4.18.0
    • HyperShift

      Error from snyk code test command:

       ✗ [Medium] Path Traversal
         Path: hack/tools/deployment/deployment-update.go, line 118
         Info: Unsanitized input from a CLI argument flows into os.ReadFile, where it is used as a path. This may result in a Path Traversal vulnerability and allow an attacker to read arbitrary files.

       ✗ [Medium] Path Traversal
         Path: hack/tools/deployment/deployment-update.go, line 137
         Info: Unsanitized input from a CLI argument flows into os.WriteFile, where it is used as a path. This may result in a Path Traversal vulnerability and allow an attacker to write arbitrary files.

              jparrill@redhat.com Juan Manuel Parrilla Madrid
              Jie Zhao