Actions
Bug #19969
closed
Don't allow directory traversal through plugin URL
Status:
Released
Priority:
N/A
Assignee:
Category:
Plugins integration
Target version:
Pull Request:
Severity:
UX impact:
User visibility:
Effort required:
Priority:
0
Name check:
To do
Fix check:
To do
Regression:
Description
Currently the plugin are downloaded to the temporary location:
/var/rudder/tmp/plugins/https://download.rudder.io/plugins/./7.0/consul/release/rudder-plugin-consul-7.0.0~beta1-2.0.rpkg
which allows directory traversal.
Updated by 
Updated by
Actions