Saloon PHP Library Fixture Name Path Traversal Vulnerability

A path traversal vulnerability has been identified in the Saloon PHP library, prior to version 4.0.0. The issue arises because fixture names were used to create file paths under the designated fixture directory without proper validation. Names containing path segments could traverse outside the intended directory. This flaw allowed the application to read or write files anywhere the process had access, potentially leading to the disclosure of sensitive information or overwriting critical files. The vulnerability was particularly concerning when fixture names were based on user or attacker-controlled input, such as request parameters or configuration.

Impact

Exploitation of this vulnerability could result in unauthorized file access or modification, allowing sensitive files to be read or critical files to be overwritten.

Remediation

Users are advised to upgrade to Saloon version 4.0.0 or later. For guidance on upgrading from version 3 to 4, please refer to the Saloon upgrade documentation.