Remote code execution in better-macro
High severity
GitHub Reviewed
Published
Aug 25, 2021
to the GitHub Advisory Database
•
Updated Feb 1, 2023
Description
Published by the National Vulnerability Database
Aug 8, 2021
Reviewed
Aug 18, 2021
Published to the GitHub Advisory Database
Aug 25, 2021
Last updated
Feb 1, 2023
An issue was discovered in the better-macro crate through 2021-07-22 for Rust. It intentionally demonstrates that remote attackers can execute arbitrary code via proc-macros, and otherwise has no legitimate purpose.
References