FAI-PEP icon indicating copy to clipboard operation
FAI-PEP copied to clipboard
verified publisher icon facebook

Path Manipulation

Open QiAnXinCodeSafe opened this issue 5 years ago • 0 comments

https://github.com/facebook/FAI-PEP/blob/029528679f64931e993b2911d70e7d6ca4dbf411/libraries/python/onnx_to_caffe2.py#L33 https://github.com/facebook/FAI-PEP/blob/029528679f64931e993b2911d70e7d6ca4dbf411/libraries/python/onnx_to_caffe2.py#L38

Allowing user input to control paths used in file system operations could enable an attacker to access or modify otherwise protected system resources

QiAnXinCodeSafe avatar Jun 15 '20 07:06 QiAnXinCodeSafe