Path traversal when using `preview-docs` when working dir contains files with question mark `?` in name

Low
RomanHotsiy published GHSA-q324-q795-2q5p Oct 9, 2021

Package

@redocly/openapi-cli (npm)

Affected versions

>=1.0.0-beta.9 <1.0.0-beta.59

Patched versions

>=1.0.0-beta.59

Description

Impact

The `preview-docs` command allows path traversal if the current working directory contains files with a question mark `?` in their name and the attacker knows the name.

Patches

It was patched starting from 1.0.0-beta.59.

Workarounds

Do not run the `openapi-cli preview-docs` command in a folder that contains files with a question mark `?` in their name.

References

#347

For more information

If you have any questions or comments about this advisory:

Severity

Low

CVE ID

No known CVE
