[HN] When URL parsers disagree (CVE-2023-38633, librsvg)
[HN] When URL parsers disagree (CVE-2023-38633, librsvg)
www.canva.dev When URL parsers disagree (CVE-2023-38633) - Canva Engineering Blog
Discovery and walkthrough of CVE-2023-38633 in librsvg, when two URL parser implementations (Rust and Glib) disagree on file scheme parsing leading to path traversal.
[ comments | sourced from HackerNews ]
0
comments