Skip to content

Noticed some SSRF patterns in examples #449

Description

@joshua-trustabl

Ran your repo through Trustabl and a few things caught my eye. The scan found 13 findings (5 high, 1 medium, 7 low). A couple of patterns that stood out were related to fetching caller-controlled URLs, which might be worth a look. Could be intentional, just thought you'd want to know.


Add Trustabl to your CI — trustabl/trustabl-action:

- name: Trustabl scan
  uses: trustabl/trustabl-action@v1

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions