[Security Vulnerability] Allowing malicious code injection.

[vickyguptaa7]

I have identified a security vulnerability in the CodeX-API repository. The vulnerability allows an attacker to inject malicious code into the server, which can potentially harm the server and allow unauthorized access to sensitive information. Specifically, an attacker is able to delete files on the server using javascript or other programming language.

This security vulnerability poses a significant threat to the project's integrity and the security of the data stored in the server.

[oybekrustamov]

Hi. I think using an isolated environment for the Codex API will solve this problem. For example Docker.

[vickyguptaa7]

Running the Node.js process in non-root mode is also a viable solution. I have raised a pull request to implement this change.

[oybekrustamov]

@vickyguptaa7 Can you add a memory limit or Used memory in output?

[vickyguptaa7]

Yeah it can be done by using pidusage npm package.