New submission from bigbigliang :
Dear Python Community,
We’ve found a bug in cpython Lib and already received a cve number
(CVE-2019-10268).But to be honest, I'm not sure if it's a loophole.
Please tell me what to do next.
bigbigliang
--
components: 2to3 (2.x to 3.x conversion tool
bigbigliang added the comment:
Yes, as you said. I think this problem can be closed. My initial idea was
that if a user carefully constructs a vulnerability point, it may cause
some danger, such as 'getattr(os,"system")("/bin/sh")'. So I have some
ideas about whether it is
bigbigliang added the comment:
>
> Certainly.
>
>
--
___
Python tracker
<https://bugs.python.org/issue36506>
___
___
Python-bugs-list mailing list
U
bigbigliang added the comment:
Thank you for your answer. I am a student and very interested in python. I
want to continue digging for Python bugs, but I am not good at this area. I
want to keep looking for loopholes.
from:bigbigliang
Christian Heimes 于2019年4月3日周三 下午5:33写道:
>
> Chr
