luxolus
/
open-nomad
2
0
Fork 0
Code Issues 1 Pull Requests Packages Releases Wiki Activity
open-nomad/.changelog/12037.txt

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

4 lines
200 B
Plaintext
Raw Normal View History

client: check escaping of alloc dir using symlinks This PR adds symlink resolution when doing validation of paths to ensure they do not escape client allocation directories.
2022-01-27 18:46:56 +00:00
```release-note:security
Resolve symlinks to prevent unauthorized access to files outside the allocation directory. [CVE-2022-24683](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24683)
```