Loading...

XML

Word

Printable

Type: Bug
Resolution: Unresolved
Priority: Normal
Fix Version/s: None
Affects Version/s: 4.14.z, 4.15.z, 4.17.z, 4.16.z, 4.18.0
Component/s: HyperShift
Labels:
- no-qe
- snyk
- triaged

Regression:
None
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Target Version:

4.18.0

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Error from snyk code test command:

 ✗ [Medium] Path Traversal
   Path: ignition-server/controllers/local_ignitionprovider.go, line 487
   Info: Unsanitized input from file name flows into os.Open, where it is used as a path. This may result in a Path Traversal vulnerability and allow an attacker to open arbitrary files.

 ✗ [Medium] Path Traversal
   Path: ignition-server/controllers/local_ignitionprovider.go, line 693
   Info: Unsanitized input from file name flows into os.Open, where it is used as a path. This may result in a Path Traversal vulnerability and allow an attacker to open arbitrary files.

clones

OCPBUGS-41983 [SNYK] Unsanitized input from a CLI argument flows into os.WriteFile

Closed

is cloned by

OCPBUGS-41985 [SNYK] Unsanitized input from file name flows into os.Open (line 693)

Closed

Assignee:: Juan Manuel Parrilla Madrid

Reporter:: Juan Manuel Parrilla Madrid

QA Contact:: Jie Zhao

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Created:: 2024/09/16 9:15 AM

Updated:: 2024/09/16 9:27 AM

Details

Description

Attachments

Issue Links

Activity

People

Dates