Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
in-toto-golang is a Go implementation of the in-toto framework to protect software supply chain integrity. within a trusted set of users for a layout) are able to create attestations that may bypass DISALLOW rules in the same layout.
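The weakness class named in the title can be shown with a simplified model of a DISALLOW check, first matching the recorded artifact name as written and then after lexical normalization. This is an added example, not in-toto-golang's code. The use of `path.Match` for rule matching, the function names and the artifact names are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"path"
)

// matchDisallowRaw models a rule check that compares the recorded artifact
// name to the DISALLOW pattern exactly as written (hypothetical helper).
func matchDisallowRaw(pattern, artifact string) bool {
	ok, err := path.Match(pattern, artifact)
	return err == nil && ok
}

// matchDisallowClean normalizes the artifact name lexically before matching,
// so every spelling of the same path is tested against the same rule.
func matchDisallowClean(pattern, artifact string) bool {
	ok, err := path.Match(pattern, path.Clean(artifact))
	return err == nil && ok
}

// disallowed returns the artifact names rejected by one DISALLOW pattern
// under the given matching function.
func disallowed(pattern string, artifacts []string, match func(string, string) bool) []string {
	var hits []string
	for _, a := range artifacts {
		if match(pattern, a) {
			hits = append(hits, a)
		}
	}
	return hits
}

func main() {
	// Constructed artifact names, as they might be recorded in link metadata.
	artifacts := []string{"secrets.env", "build/../secrets.env", "./secrets.env", "src/main.go"}
	fmt.Println("raw:  ", disallowed("secrets.env", artifacts, matchDisallowRaw))
	fmt.Println("clean:", disallowed("secrets.env", artifacts, matchDisallowClean))
}
```

`path.Clean` is purely lexical and does not resolve symlinks, so it only closes the gap between different spellings of the same recorded name.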