Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Hotfix for file download vulnerability #1851

Merged
merged 1 commit into from
Sep 27, 2023

Conversation

vinkabuki
Copy link
Contributor

A malicious user can overwrite another user's files if they supply a filename that escapes the download directory (e.g. ../../../profile.sh). Prevent this by using UUIDs for filenames for now and revisit this in the future.

Pull Request Checklist

  • I have linked this PR to related GitHub issue.
  • I have updated the CHANGELOG.md file with relevant changes (the file is located at the root of monorepo).

A malicious user can overwrite another user's files if they supply a
filename that escapes the download directory (e.g.
../../../profile.sh). Prevent this by using UUIDs for filenames for
now and revisit this in the future.
@leblowl leblowl force-pushed the master branch 5 times, most recently from 39f379e to 7d577cf Compare September 25, 2023 23:24
@vinkabuki vinkabuki closed this Sep 26, 2023
@leblowl leblowl reopened this Sep 27, 2023
@leblowl leblowl merged commit 9d6c7dd into master Sep 27, 2023
18 of 23 checks passed
@leblowl
Copy link
Collaborator

leblowl commented Sep 27, 2023

Oops, thought this was merging into develop. Change is already on master

@siepra siepra deleted the pr-1.9.2-hotfix-file-download-path branch December 8, 2023 12:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants