WRITEUP

This patch addresses a path traversal vulnerability in Tautulli by adding validation to ensure image paths are subdirectories of the resource directory. The fix introduces a new helper function `is_subdir` and applies it in two image-serving functions to prevent directory traversal attacks.