Security Advisory

CVE-2023-38695

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-08-04 17:25:18
Last updated 2024-10-04 19:39:48
Assigner GitHub_M
State PUBLISHED

Description

cypress-image-snapshot shows visual regressions in Cypress with jest-image-snapshot. Prior to version 8.0.2, its possible for a user to pass a relative file path for the snapshot name and reach outside of the project directory into the machine running the test. This issue has been patched in version 8.0.2.