4 matches found
GHSA-CGW6-F3MJ-H742 RustEmbed generated `get` method allows for directory traversal when reading files from disk
When running in debug mode and the debug-embed off by default feature is not enabled, the generated get method does not check that the input path is a child of the folder given. This allows attackers to read arbitrary files in the file system if they have control over the filename given. The...
RustEmbed generated `get` method allows for directory traversal when reading files from disk
When running in debug mode and the debug-embed off by default feature is not enabled, the generated get method does not check that the input path is a child of the folder given. This allows attackers to read arbitrary files in the file system if they have control over the filename given. The...
RUSTSEC-2021-0126 RustEmbed generated `get` method allows for directory traversal when reading files from disk
When running in debug mode and the debug-embed off by default feature is not enabled, the generated get method does not check that the input path is a child of the folder given. This allows attackers to read arbitrary files in the file system if they have control over the filename given. The...
RustEmbed generated `get` method allows for directory traversal when reading files from disk
When running in debug mode and the debug-embed off by default feature is not enabled, the generated get method does not check that the input path is a child of the folder given. This allows attackers to read arbitrary files in the file system if they have control over the filename given. The...