YouCube icon indicating copy to clipboard operation
YouCube copied to clipboard

Published 20 hours ago verified publisher icon Commandcracker

dont diractly use user input path

Open Commandcracker opened this issue 3 years ago • 1 comments
trafficstars

current solution youcube.py

there might be an better way to handle this user input

Commandcracker avatar Oct 22 '22 18:10 Commandcracker

(PTC-W6004) Audit required: External control of file name or path

Description

Python's open() function can take in a relative or absolute path and read its file contents. If a user is provided direct access to the path that is opened, it can have serious security risks.

Occurrences

There are 2 occurrences of this issue in the repository.

See all occurrences on DeepSource → deepsource.io/gh/Commandcracker/YouCube/issue/PTC-W6004/occurrences/

Commandcracker avatar Dec 03 '22 16:12 Commandcracker