kotovalexarian-likes-gitlab/gitlab-org--gitlab-foss
1
0
Fork 0
Code Releases Activity
99866 commits 1 branch 0 tags 899 MiB
Commit graph

2 commits

Author SHA1 Message Date
Nick Thomas
69645389e9
Prevent a path traversal attack on global file templates 
The API permits path traversal characters like '../' to be passed down
to the template finder. Detect these requests and cause them to fail
with a 500 response code.
 2018-12-05 14:12:35 +00:00
Nick Thomas
ffd164d27f
Fix bugs in Gitlab::Template::Finders preventing instances from BaseTemplate.all from loading content 2018-08-14 22:28:46 +01:00