Voila - path traversal vulnerability

voila-dashboards / voila

Voilà turns Jupyter notebooks into standalone web applications

https://voila.readthedocs.io

Other

5.31k stars 497 forks source link

Voila - path traversal vulnerability #1438

Closed sustarun closed 5 months ago

sustarun commented 5 months ago

Description

We have a voila instance on a linux server which has been detected for path traversal vulnerability. Anyone faced this before? Would like to know any possible solution to it.

Context

voila version: 0.4.1
Operating System and version: RedHat Linux 7.9
Browser and version: Chrome v119

martinRenou commented 5 months ago

Thank you for opening an issue @sustarun.

Would you be able to send me an email at martin.renou@quantstack.net with more information about what you've found? I'll make sure to have the relevant people on the email thread.

Closing this issue for now. Thank you.