-
Notifications
You must be signed in to change notification settings - Fork 8
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Insecure code in cloudinary-cli/modules/upload_dir.py #79
Comments
Hey @simran-sankhala I can work on this issue. |
Thank you for assigning me, will get back to you asap, when i am ready with the solution |
@HeetVekariya before you begin this there is already a pull request opened by @simran-sankhala that needs to be reviewed. If that PR is invalid and the issue opens up you're welcome to submit a PR yourself This issue has also not been reviewed by the team to determine if it's needed so we'll need to wait to hear back as well |
@colbyfayock is this still valid? |
@gagandeepp looks like the guy who originally opened a PR (@simran-sankhala ) is not responding, feel free to take his PR, fix all the issues and submit yours. |
This is the PR: |
@colbyfayock @const-cloudinary do you want me to work on separate branch or update the changes on this branch itself? |
@gagandeepp , yes, you can fork it and submit your changes. |
Bug report for Cloudinary CLI
there were a few areas where security could be a concern:
Input Sanitization and Validation:
The code doesn't appear to have extensive input validation or sanitization for user-provided arguments and options. This could potentially lead to issues like code injection or unexpected behavior if malicious input is provided.
…
Issue Type (Can be multiple)
Operating System
The text was updated successfully, but these errors were encountered: