On 2025-05-17 11:26:54 +0300, Niko Tyni wrote:
> It doesn't look like upstream is treating this as a serious security
> issue, so I'm lowering the severity. Please discuss the security concerns
> upstream if you want this to change.

I think that upstream is just currently trying to fix the bug, not
discussing security.

Note that in the case where the directory opened by opendir is
writable by some attacker (e.g. it could be /tmp), the attacker
can provide incorrect data to the script. This could potentially
be data that could be executed by the script.

-- 
Vincent Lefèvre <vinc...@vinc17.net> - Web: <https://www.vinc17.net/>
100% accessible validated (X)HTML - Blog: <https://www.vinc17.net/blog/>
Work: CR INRIA - computer arithmetic / Pascaline project (LIP, ENS-Lyon)
