Why is this an issue?
In \internal/repositories/docker/adapter.go:583-586\\, same path traversal bypass issue as #238. The \strings.Contains(path, \"..\")\\ check is insufficient and can be bypassed with \..././../etc/passwd\\ pattern.
What is causing it?
Simple string matching for \..\\ does not catch encoded or multi-level traversal patterns.
How can it be solved?
Use \filepath.Clean(path) != path\\ or validate the resolved path starts with the expected directory.
Category
Severity
Why is this an issue?
In \
internal/repositories/docker/adapter.go:583-586\\, same path traversal bypass issue as #238. The \strings.Contains(path, \"..\")\\check is insufficient and can be bypassed with \..././../etc/passwd\\pattern.What is causing it?
Simple string matching for \
..\\does not catch encoded or multi-level traversal patterns.How can it be solved?
Use \
filepath.Clean(path) != path\\or validate the resolved path starts with the expected directory.Category
Severity