Tests demonstrate that env vars, labels, volumes, and ports can be deleted via another app's URL path without ownership checks. All 4 tests fail, confirming the vulnerability described in #19. |
||
|---|---|---|
| .. | ||
| routes.go | ||
| server.go | ||
Tests demonstrate that env vars, labels, volumes, and ports can be deleted via another app's URL path without ownership checks. All 4 tests fail, confirming the vulnerability described in #19. |
||
|---|---|---|
| .. | ||
| routes.go | ||
| server.go | ||