Description
@simonsmith/cypress-image-snapshot has a fix for insecure snapshot file names
Impact
It's possible for a user to pass a relative file path for the snapshot name and reach outside of the project directory into the machine running the test. Example:
The above will create an ignore-relative-dirs.png three levels up
Patches
Fixed in 8.0.2
Workarounds
Validate all the existing uses of matchImageSnapshot to ensure correct use of the filename argument. Example:
References
https://github.com/simonsmith/cypress-image-snapshot/issues/15
Links
- https://github.com/simonsmith/cypress-image-snapshot/security/advisories/GHSA-vxjg-hchx-cc4g
- https://nvd.nist.gov/vuln/detail/CVE-2023-38695
- https://github.com/simonsmith/cypress-image-snapshot/issues/15
- https://github.com/simonsmith/cypress-image-snapshot/commit/ef49519795daf5183f4fac6f3136e194f20f39f4
- https://github.com/simonsmith/cypress-image-snapshot/releases/tag/8.0.2
Packages
@simonsmith/cypress-image-snapshot: affected versions <= 8.0.1, fixed in 8.0.2
Related vulnerabilities
cypress-image-snapshot shows visual regressions in Cypress with jest-image-snapshot. Prior to version 8.0.2, it's possible for a user to pass a relative file path for the snapshot name and reach outside of the project directory into the machine running the test. This issue has been patched in version 8.0.2.