Описание
gitingest before 9996a06 mishandles symbolic links that point outside of the base directory.
gitingest before 9996a06 mishandles symbolic links that point outside of the base directory.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2024-56074
- https://github.com/cyclotruc/gitingest/pull/23
- https://github.com/cyclotruc/gitingest/commit/9996a06a94450497c1abb35997f5e6cbc9b571ff
- https://github.com/cyclotruc/gitingest/blob/9996a06a94450497c1abb35997f5e6cbc9b571ff/src/ingest.py#L22-L30
- https://github.com/cyclotruc/gitingest/blob/9996a06a94450497c1abb35997f5e6cbc9b571ff/src/ingest.py#L99-L100
- https://gitingest.com
Связанные уязвимости
CVSS3: 5.5
nvd
около 1 года назад
gitingest before 9996a06 mishandles symbolic links that point outside of the base directory.