mirror of
https://github.com/Stirling-Tools/Stirling-PDF.git
synced 2025-07-23 13:45:21 +00:00
d15a275406
**Pixee Fix ID:** [203062ab-1b9b-42b8-be64-1358106dccab](https://stirlingpdf.getpixee.com/analysis/3c9d2b94-57c2-4525-9776-c5cd149902c4/fix/203062ab-1b9b-42b8-be64-1358106dccab) <details> <summary>Confidence: <b>HIGH</b></summary> Fix confidence is a rating derived from an internal benchmark and includes High, Medium, and Low confidence fixes. It comprises three weighted scores reflecting the safety, effectiveness and cleanliness of Pixee's code changes within a fix. [View Details in Pixee.](https://stirlingpdf.getpixee.com/analysis/3c9d2b94-57c2-4525-9776-c5cd149902c4/fix/203062ab-1b9b-42b8-be64-1358106dccab) </details> --- ✨✨✨ ## Remediation This change fixes "java/PT" (id = java/PT) identified by Snyk. ## Details Path Traversal is a security vulnerability that allows attackers to gain unauthorized access to files and directories outside the permitted access path by manipulating file paths. The fix involves adding validation to detect potential directory traversal attempts by normalizing the file path and checking if it begins with '..', thereby preventing malicious manipulation. Co-authored-by: pixeebotstirling[bot] <221352955+pixeebotstirling[bot]@users.noreply.github.com>