CVE-2023-38695: Release 8.0.2 · simonsmith/cypress-image-snapshot

cypress-image-snapshot shows visual regressions in Cypress with jest-image-snapshot. Prior to version 8.0.2, it’s possible for a user to pass a relative file path for the snapshot name and reach outside of the project directory into the machine running the test. This issue has been patched in version 8.0.2.


Related news

GHSA-vxjg-hchx-cc4g: @simonsmith/cypress-image-snapshot has fix for insecure snapshot file names

### Impact

It's possible for a user to pass a relative file path for the snapshot name and reach outside of the project directory into the machine running the test.

Example:

```js
cy.get('h1').matchImageSnapshot('../../../ignore-relative-dirs')
```

The above will create an `ignore-relative-dirs.png` three levels up

### Patches

Fixed in `8.0.2`

### Workarounds

Validate all the existing uses of `matchImageSnapshot` to ensure correct use of the filename argument.

Example:

```js
// snapshot name will be the test title
cy.matchImageSnapshot();

// snapshot name will be the name passed in
cy.matchImageSnapshot('login');
```

### References

https://github.com/simonsmith/cypress-image-snapshot/issues/15
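One way to check snapshot names against a snapshots directory when auditing existing `matchImageSnapshot` calls, as an added example that is not part of the advisory and not the plugin's own fix. The helper names, the `cypress/snapshots` directory and the sample names are assumptions made for illustration; allowing subdirectories inside the root is a design choice of this sketch.

```javascript
const path = require('path');

// Hypothetical helper, not the plugin's code: map a snapshot name to a PNG
// path and refuse any name that resolves outside snapshotsDir.
function resolveSnapshotPath(snapshotsDir, name) {
  if (typeof name !== 'string' || name.length === 0 || name.includes('\0')) {
    throw new TypeError('snapshot name must be a non-empty string');
  }
  const root = path.resolve(snapshotsDir);
  const target = path.resolve(root, `${name}.png`);
  // Compare resolved paths, not raw strings: "a/../../b" has no leading
  // "../" but still climbs out of the root once normalised.
  const rel = path.relative(root, target);
  const escapes =
    rel === '..' || rel.startsWith(`..${path.sep}`) || path.isAbsolute(rel);
  if (escapes) {
    throw new Error(`snapshot name escapes ${root}: ${JSON.stringify(name)}`);
  }
  return target;
}

// Audit helper for the workaround: return the names that would be rejected.
function findUnsafeSnapshotNames(snapshotsDir, names) {
  return names.filter((name) => {
    try {
      resolveSnapshotPath(snapshotsDir, name);
      return false;
    } catch {
      return true;
    }
  });
}

// Constructed sample input: names as they might be collected from test files.
const sampleNames = [
  'login',
  'nested/header',
  '../../../ignore-relative-dirs', // the advisory's example
  'a/../../b',
  '/tmp/abs',
];
console.log(findUnsafeSnapshotNames('cypress/snapshots', sampleNames));
```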
