You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@rocketmq.apache.org by GitBox <gi...@apache.org> on 2019/12/06 03:16:50 UTC

[GitHub] [rocketmq] coffeehb edited a comment on issue #1637: A directory traversal vulnerability exists in RocketMQ's automatic topic creation

coffeehb edited a comment on issue #1637: A directory traversal vulnerability exists in RocketMQ's automatic topic creation
URL: https://github.com/apache/rocketmq/issues/1637#issuecomment-562414965
 
 
   > @coffeehb it would be better to add some filtering logic on the topic name when creating a topic.
   @duhenglucky
   Yes, without filtering logic, an attacker can fill up any arbitrary directory on the system. Please note that this issue may exist other versions of the rocketmq, not only 4.6.0 or Windows systems. 
   

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


With regards,
Apache Git Services