Skip to content

[Bug]An overlooked security vulnerability #9194

Description

@August829

What happened / 发生了什么

https://github.com/AstrBotDevs/AstrBot/security/advisories/GHSA-p65j-c6r8-j4rj
I've submitted a security issue. Could you please fix it?

Reproduce / 如何复现?

PS:https://github.com/AstrBotDevs/AstrBot/security/advisories/GHSA-p65j-c6r8-j4rj

AstrBot version, deployment method (e.g., Windows Docker Desktop deployment), provider used, and messaging platform used. / AstrBot 版本、部署方式(如 Windows Docker Desktop 部署)、使用的提供商、使用的消息平台适配器

PS:https://github.com/AstrBotDevs/AstrBot/security/advisories/GHSA-p65j-c6r8-j4rj

OS

Linux

Logs / 报错日志

PS:https://github.com/AstrBotDevs/AstrBot/security/advisories/GHSA-p65j-c6r8-j4rj

Are you willing to submit a PR? / 你愿意提交 PR 吗?

  • Yes!

Code of Conduct

Metadata

Metadata

Assignees

No one assigned

    Labels

    area:coreThe bug / feature is about astrbot's core, backendbugSomething isn't workingpriority: p0

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions