Example image conversion route merge #2

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open

kadraman wants to merge 1 commit into main from fcli-path-test

Open

Example image conversion route merge #2

Example image conversion route

GitHub Advanced Security / Fortify on Demand failed Jun 16, 2025 in 2s

4 new alerts including 4 critical severity security vulnerabilities

New alerts in code changed by this pull request

Security Alerts:

4 critical

See annotations below for details.

View all branch alerts.

Annotations

Check failure on line 51 in src/configs/app.config.ts

Code scanning / Fortify on Demand

Key Management: Hardcoded Encryption Key Critical

Hardcoded encryption keys can compromise security in a way that is not easy to remedy. More information

Check failure on line 157 in src/routes/site.routes.ts

Code scanning / Fortify on Demand

Path Manipulation Critical

Attackers can control the file system path argument to writeFileSync() at site.routes.ts line 157, which allows them to access or modify otherwise protected files. More information

Check failure on line 157 in src/utils/image.utils.ts

Code scanning / Fortify on Demand

Path Manipulation Critical

Attackers can control the file system path argument to writeFileSync() at image.utils.ts line 157, which allows them to access or modify otherwise protected files. More information

Check failure on line 167 in src/utils/image.utils.ts

Code scanning / Fortify on Demand

Command Injection Critical

The method lambda() in image.utils.ts calls exec() to execute a command. This call might allow an attacker to inject malicious commands. More information