mirror of
https://github.com/Stirling-Tools/Stirling-PDF.git
synced 2025-07-26 07:05:22 +00:00
76d150289e
**Pixee Fix ID:** [54568072-e1ef-4428-9da3-46b9197f6dcd](https://stirlingpdf.getpixee.com/analysis/3c9d2b94-57c2-4525-9776-c5cd149902c4/fix/54568072-e1ef-4428-9da3-46b9197f6dcd) <details> <summary>Confidence: <b>HIGH</b></summary> Fix confidence is a rating derived from an internal benchmark and includes High, Medium, and Low confidence fixes. It comprises three weighted scores reflecting the safety, effectiveness and cleanliness of Pixee's code changes within a fix. [View Details in Pixee.](https://stirlingpdf.getpixee.com/analysis/3c9d2b94-57c2-4525-9776-c5cd149902c4/fix/54568072-e1ef-4428-9da3-46b9197f6dcd) </details> --- ✨✨✨ ## Remediation This change fixes "java/Ssrf" (id = java/Ssrf) identified by Snyk. ## Details Server-Side Request Forgery (SSRF) can allow attackers to make unauthorized requests from the server, potentially accessing sensitive internal systems. The fix involved adding a validation check to ensure that the 'operation' parameter matches a safe regex pattern, thereby preventing such vulnerabilities. Co-authored-by: pixeebotstirling[bot] <221352955+pixeebotstirling[bot]@users.noreply.github.com>