GHSA-5g3j-89fr-r2vp: skilleton has improper input handling in repository/path processing
skilleton versions prior to 0.3.1 include security-related weaknesses in repository normalization and path handling logic.
Version 0.3.1 contains fixes and additional test coverage for these issues.
References
- github.com/Fcmam5/skilleton
- github.com/Fcmam5/skilleton/pull/9/changes/42bc280ad675bfaa7b1bbc192330fb582bb28172
- github.com/Fcmam5/skilleton/pull/9/changes/6613160803ec8655efee9a270eeaa767ad22da8b
- github.com/Fcmam5/skilleton/security/advisories/GHSA-5g3j-89fr-r2vp
- github.com/advisories/GHSA-5g3j-89fr-r2vp