| Version | Supported |
|---|---|
| 0.0.0 (Current) | ✅ |
ALL VULNERABILITY SHOULD ONLY BE DISCUSSED OR DISCLOSED VIA A SECURE SOURCE, SUCH AS A SECURE EMAIL CHANNEL. DO NOT REPORT VIA THE GITHUB ISSUE TRACKING SYSTEM
If you believe you have found any vulnerability, and would like to report to our core-developers, please do so by sending us an email at [email protected]. It would be much appreciated, and we will handle the issue as soon as possible with minimum disruption.
References:
Code: GitHub
Gosec: Rules
Ageist: Gosec's G304
Measures:
Added a snippet of code for checking whether is the original base directory path is identical to the one where
AminoGo is going to operate on
Examples:
| Pass | Operate Path | Origin Path |
|---|---|---|
| ✔️ | /usr/app/images/mock.jpg | /usr/app/images/ |
| ❌ | /usr/app/images/ | /etc/ |