luxolus/open-nomad
2
0
Fork 0
Code Issues 1 Pull requests Packages Releases Wiki Activity
open-nomad/.changelog/12037.txt
Seth Hoenig 437bb4b86d
client: check escaping of alloc dir using symlinks 
This PR adds symlink resolution when doing validation of paths
to ensure they do not escape client allocation directories.
2022-02-09 19:50:13 -05:00

4 lines
200 B
Plaintext
Raw Blame History

```release-note:security
Resolve symlinks to prevent unauthorized access to files outside the allocation directory. [CVE-2022-24683](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24683)
```
Reference in a new issue View git blame Copy permalink