-
Notifications
You must be signed in to change notification settings - Fork 27
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Control the process id in config.json files #4525
Labels
Comments
vlo-rte
added a commit
that referenced
this issue
Jun 13, 2023
Signed-off-by: vlo-rte <valerie.longa@rte-france.com>
Protect the following entry points from misusage and path manipulation: disallow directory traversal characters (#, ?, /, ) to avoid the possibility to alter another directory that is not the one that is used for bundle storage + check the content type of the file provided as it should be considered possible tainted
|
vlo-rte
added a commit
that referenced
this issue
Jun 14, 2023
Signed-off-by: vlo-rte <valerie.longa@rte-france.com>
freddidierRTE
pushed a commit
that referenced
this issue
Jun 14, 2023
Signed-off-by: vlo-rte <valerie.longa@rte-france.com>
vlo-rte
added a commit
that referenced
this issue
Jun 14, 2023
Signed-off-by: vlo-rte <valerie.longa@rte-france.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
check id does not contain ( # , ? , / , \ ) when pushing a bundle to business config
The text was updated successfully, but these errors were encountered: