cypress-image-snapshot shows visual regressions in Cypress with jest-image-snapshot. Prior to version 8.0.2, it's possible for a user to pass a relative file path for the snapshot name and reach outside of the project directory into the machine running the test. This issue has been patched in version 8.0.2.
History

Mon, 07 Oct 2024 19:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2023-08-04T17:25:18.810Z

Updated: 2024-10-04T19:39:48.430Z

Reserved: 2023-07-24T16:19:28.364Z

Link: CVE-2023-38695

cve-icon Vulnrichment

Updated: 2024-08-02T17:46:56.567Z

cve-icon NVD

Status : Modified

Published: 2023-08-04T18:15:14.667

Modified: 2024-11-21T08:14:04.383

Link: CVE-2023-38695

cve-icon Redhat

No data.