While saving uploaded files, `/modeling` directly uses `os.path.join(work_dir, file.filename)` to write to disk without performing basename extraction, path normalization, or rejecting `../` in `file.filename`.
Caution
Attackers can trigger directory traversal by crafting filenames, allowing them to write files outside the task directory and overwrite other files within the project or the contents of mounted directories on the host machine. This is especially dangerous in Docker development mode because `backend:/app` is mounted into the container.
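The following is an added illustration, not code from the project this issue is filed against. It places the reported pattern (`os.path.join(work_dir, file.filename)` with a client-controlled name) next to a hardened version that reduces the upload name to a single path component and then confirms the resolved target still lies inside the task directory. The function names, the `task-1234` directory and the `../escaped.txt` upload name are constructed for the demonstration; `work_dir` and `file.filename` are taken from the report.

```python
import os
import tempfile


def vulnerable_save(work_dir: str, filename: str, data: bytes) -> str:
    """The pattern described in the report: the client-supplied name is joined as-is."""
    path = os.path.join(work_dir, filename)  # "../x" resolves outside work_dir
    with open(path, "wb") as fh:
        fh.write(data)
    return os.path.realpath(path)


def safe_filename(filename: str) -> str:
    """Reduce an upload name to a single path component (basename extraction)."""
    # Normalise backslashes first so a Windows-style "..\\x" is handled the same way.
    name = os.path.basename(filename.replace("\\", "/"))
    if name in ("", ".", ".."):
        raise ValueError(f"rejected upload name: {filename!r}")
    return name


def secure_save(work_dir: str, filename: str, data: bytes) -> str:
    """Hardened version: basename extraction plus a containment check on the resolved path."""
    base = os.path.realpath(work_dir)
    target = os.path.realpath(os.path.join(base, safe_filename(filename)))
    # Defence in depth: even after basename extraction, verify the final path is inside work_dir.
    if os.path.commonpath([base, target]) != base:
        raise ValueError(f"path escapes work_dir: {filename!r}")
    with open(target, "wb") as fh:
        fh.write(data)
    return target


def demo() -> dict:
    """Run both versions against a constructed traversal name inside a throwaway temp tree."""
    with tempfile.TemporaryDirectory() as root:
        work_dir = os.path.join(root, "task-1234")  # constructed per-task directory
        os.mkdir(work_dir)
        hostile = "../escaped.txt"  # constructed upload name containing "../"

        written_by_vulnerable = vulnerable_save(work_dir, hostile, b"x")
        written_by_secure = secure_save(work_dir, hostile, b"x")
        try:
            secure_save(work_dir, "..", b"x")
            rejected_dotdot = False
        except ValueError:
            rejected_dotdot = True

        real_work = os.path.realpath(work_dir)
        return {
            # True when the vulnerable path landed outside the task directory
            "vulnerable_escaped": os.path.dirname(written_by_vulnerable) != real_work,
            # True when the hardened path stayed inside the task directory
            "secure_contained": os.path.dirname(written_by_secure) == real_work,
            "secure_basename": os.path.basename(written_by_secure),
            "rejected_dotdot": rejected_dotdot,
        }


if __name__ == "__main__":
    print(demo())
```

The `commonpath` check matters even with `basename` in place: it catches a `work_dir` that is itself a symlink pointing somewhere unexpected, and it keeps the save correct if someone later loosens `safe_filename` to allow subdirectories. The temporary tree is removed when `demo()` returns, including the file the vulnerable version wrote one level up.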