GMS-2023-276: Relative Path Traversal

February 8, 2023 (updated March 6, 2023)

Relative Path Traversal in github.com/nothub/mrpack-install.

References

github.com/advisories/GHSA-r887-gfxh-m9rr
github.com/nothub/mrpack-install/commit/a1f424b6a616d2de95228781eef3b92b9769f23c
github.com/nothub/mrpack-install/releases/tag/v0.16.3
github.com/nothub/mrpack-install/security/advisories/GHSA-r887-gfxh-m9rr

Code Behaviors & Features

Detect and mitigate GMS-2023-276 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →