You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Due to the shortcut script written in bash and the way the subprocesses were called in python, QuickView is probably susceptible to command injection via file name.
Nyre221/Kiview#5
QuickView doesn't appear to be affected by the same command as Kiview but is likely affected in other ways.
I have no intention of keeping the python version updated since I released the C++ version.
I am making this report to warn users of this possible vulnerability.
The text was updated successfully, but these errors were encountered:
Due to the shortcut script written in bash and the way the subprocesses were called in python, QuickView is probably susceptible to command injection via file name.
Nyre221/Kiview#5
QuickView doesn't appear to be affected by the same command as Kiview but is likely affected in other ways.
I have no intention of keeping the python version updated since I released the C++ version.
I am making this report to warn users of this possible vulnerability.
The text was updated successfully, but these errors were encountered: