Skip to content

[CodeScanning #105] go/path-injection in pkg/llmproxy/store/objectstore.go:173 #35

Closed
Closed
[CodeScanning #105] go/path-injection in pkg/llmproxy/store/objectstore.go:173#35
Labels
code-scanningGitHub code scanning alert trackingcodeqlCodeQL alertsecuritySecurity issue
@KooshaPari

Description

@KooshaPari
KooshaPari
opened on Feb 23, 2026

Source alert: https://github.com/KooshaPari/cliproxyapi-plusplus/security/code-scanning/105

Rule:

  • ID: go/path-injection
  • Description: Uncontrolled data used in path expression
  • Severity: high

Location:

  • Ref: refs/heads/main
  • File: pkg/llmproxy/store/objectstore.go
  • Line: 173

Message:
This path depends on a user-provided value. This path depends on a user-provided value.

Scope:

  • Reproduce and confirm reachability
  • Implement fix with tests
  • Close code-scanning alert in GitHub

Metadata

Metadata

Assignees

No one assigned

    Labels

    code-scanningGitHub code scanning alert trackingcodeqlCodeQL alertsecuritySecurity issue

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions