mirror of
https://github.com/Stirling-Tools/Stirling-PDF.git
synced 2025-07-23 13:45:21 +00:00
ed894f021b
**Pixee Fix ID:** [dab7f6f1-da39-4654-a537-2de8eee936db](https://stirlingpdf.getpixee.com/analysis/3c9d2b94-57c2-4525-9776-c5cd149902c4/fix/dab7f6f1-da39-4654-a537-2de8eee936db) <details> <summary>Confidence: <b>HIGH</b></summary> Fix confidence is a rating derived from an internal benchmark and includes High, Medium, and Low confidence fixes. It comprises three weighted scores reflecting the safety, effectiveness and cleanliness of Pixee's code changes within a fix. [View Details in Pixee.](https://stirlingpdf.getpixee.com/analysis/3c9d2b94-57c2-4525-9776-c5cd149902c4/fix/dab7f6f1-da39-4654-a537-2de8eee936db) </details> --- ✨✨✨ ## Remediation This change fixes "java/PT" (id = java/PT) identified by Snyk. ## Details Path Traversal is a security vulnerability that allows attackers to access files and directories stored outside the web root folder. The impact can include unauthorized access to sensitive files. The fix involved adding validation checks on filenames to ensure they do not contain suspicious patterns like '..' or '/' which are indicative of path traversal attempts. Co-authored-by: pixeebotstirling[bot] <221352955+pixeebotstirling[bot]@users.noreply.github.com>