CVE-2023-38695
CVE-2023-38695 affects the cypress-image-snapshot plugin (used with Cypress). The vulnerability allows a user to pass a relative file path as the snapshot name, enabling path traversal outside the project directory on the machine running tests. This is mitigated by upgrading to version 8.0.2 or l...