kho kho tshiab ntawm Python 3.8.5 programming lus, uas ob peb vulnerabilities:
- - tarfile module looping thaum sim qhib cov ntaub ntawv tsim tshwj xeeb hauv tar hom.
- - tsoo thaum lub Pickle module sim ua cov khoom siv tshwj xeeb tsim opcode NEWOBJ_EX.
- - lub peev xwm los hloov HTTP headers rau hauv qhov kev thov los ntawm kev siv cov cim tshiab hauv "txoj kev" parameter ntawm http.client module. Piv txwv li: conn.request(method=βGET / HTTP/1.1\r\nHost: abc\r\nRemainder:β, url=β/index.htmlβ). Qhov tsis zoo tau raug kho yav tas los, tab sis tsis tau them rau http.client.putrequest txoj kev ruaj ntseg.
Tau qhov twg los: opennet.ru