andre/crewAI
1
0
Fork 0
mirror of https://github.com/crewAIInc/crewAI.git synced 2026-04-09 12:38:14 +00:00
Code Issues Actions 6 Packages Projects Releases Wiki Activity
Files
96383abd8b05dd6cae962f3ca18942055f66c450
crewAI/lib
History
Rip&Tear 96383abd8b fix: prevent path traversal in FileWriterTool without interface changes 
Adds containment check inside _run() using os.path.realpath() to ensure
the resolved file path stays within the resolved directory. Blocks ../
sequences, absolute filenames, and symlink escapes transparently —
no schema or interface changes required.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-16 00:16:13 +08:00
..
crewai
Code interpreter sandbox escape (#4791)
2026-03-15 13:18:02 +08:00
crewai-files
feat: bump versions to 1.10.2rc2
2026-03-14 00:34:12 -04:00
crewai-tools
fix: prevent path traversal in FileWriterTool without interface changes
2026-03-16 00:16:13 +08:00
devtools
feat: bump versions to 1.10.2rc2
2026-03-14 00:34:12 -04:00