Andreas/siyuan
1
0
Fork 0
mirror of https://github.com/siyuan-note/siyuan.git synced 2026-03-01 10:20:16 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

🔒 Arbitrary file reading vulnerability https://github.com/siyuan-note/siyuan/issues/16860

Browse source 
Signed-off-by: Daniel <845765@qq.com>
This commit is contained in:
Daniel 2026-01-18 17:25:21 +08:00
parent b2274baba2
commit f8f4b51707
No known key found for this signature in database
GPG key ID: 86211BA83DF03017
1 changed files with 1 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

1
kernel/util/path.go
View file

@ -416,6 +416,7 @@ func IsSensitivePath(p string) bool {
"passwd": {},
"shadow": {},
"pgpass": {},
"hosts": {},
"credentials": {}, // 如 aws credentials
"config.json": {}, // docker config.json 可能含 token
}