August 28, 2021 [Issue 22247] New: [std.process] | ||||
|---|---|---|---|---|
| ||||
 | https://issues.dlang.org/show_bug.cgi?id=22247 Issue ID: 22247 Summary: [std.process] Product: D Version: D2 Hardware: All URL: http://dlang.org/phobos/ OS: All Status: NEW Severity: enhancement Priority: P3 Component: phobos Assignee: nobody@puremagic.com Reporter: ttimofeyka@yandex.ru Hello. I found that if you run this code on your site (including std.file), you can get illegal access to your server's files. This is a tough vulnerability that puts the entire site at risk, as an attacker can download (possibly illegal) files, delete them, and so on. -- | |||
Permalink
ReplyCopyright © 1999-2021 by the D Language Foundation