Delphi-PRAXiS - Einzelnen Beitrag anzeigen

**DP News-Robot**

YAML’s security risks are in no way limited to Rails or Ruby. YAML documents should be treated as executable code and firewalled accordingly. Deserializing arbitrary types is user-controlled, arbitrary code execution. It’s Not Just Ruby A few weeks ago, I had a need to parse ...

More...

DP News-Robot Registriert seit: 4. Jun 2010 15.824 Beiträge	#1 YAML and Remote Code Execution 4. Feb 2013, 21:30 YAML’s security risks are in no way limited to Rails or Ruby. YAML documents should be treated as executable code and firewalled accordingly. Deserializing arbitrary types is user-controlled, arbitrary code execution. It’s Not Just Ruby A few weeks ago, I had a need to parse ... More...
	Zitat

Einzelnen Beitrag anzeigen

YAML and Remote Code Execution