snaggen@programming.dev to Rust@programming.dev · 9 months agoSecurity advisory for the standard library (CVE-2024-24576)blog.rust-lang.orgexternal-linkmessage-square10fedilinkarrow-up150arrow-down11cross-posted to: security@lemmy.mltechnology@lemmy.worldrust@lemmit.online
arrow-up149arrow-down1external-linkSecurity advisory for the standard library (CVE-2024-24576)blog.rust-lang.orgsnaggen@programming.dev to Rust@programming.dev · 9 months agomessage-square10fedilinkcross-posted to: security@lemmy.mltechnology@lemmy.worldrust@lemmit.online
minus-squareIch, einfach anders@lemmings.worldlinkfedilinkarrow-up12·edit-29 months agoTl;dr: std::process::Command is vulnerable to shell injection if you invoke cmd.exe or *.{cmd,bat} on Windows.
Tl;dr:
std::process::Command
is vulnerable to shell injection if you invokecmd.exe
or*.{cmd,bat}
on Windows.