Navigation
Recherche
|
The "Trojan Source" vulnerability
lundi 1 novembre 2021, 15:22 , par LWN.net
The latest branded and trademarked vulnerability type is called 'Trojan Source'. By playing tricks
with Unicode bidirectional support, an attacker can create malicious code that appears to be benign to reviewers. 'The attack is to use control characters embedded in comments and strings to reorder source code characters in a way that changes its logic.' Various releases, including Rust 1.56.1, are being made to address this problem.
https://lwn.net/Articles/874546/rss
|
56 sources (32 en français)
Date Actuelle
ven. 19 avril - 19:16 CEST
|