commit: f920de9eb056437d023ca58442dbd2b3e64d57a0
parent ad91f94fc16d699dc0ca353e852772a3064cdc90
Author: Haelwenn (lanodan) Monnier <contact@hacktivis.me>
Date: Fri, 29 Sep 2023 01:59:27 +0200
bookmarks: https://noyaml.com/ https://codeclimate.com/blog/rails-remote-code-execution-vulnerability-explained
Diffstat:
1 file changed, 8 insertions(+), 0 deletions(-)
diff --git a/bookmarks.xbel b/bookmarks.xbel
@@ -598,4 +598,12 @@
<title>Maybe you don't need Rust and WASM to speed up your JS</title>
<desc>Article explaining how you could still improve source-map@0.6.0 very signicantly even compared to right after it's usage of Rust</desc>
</bookmark>
+ <bookmark href="https://noyaml.com/">
+ <title>🚨🚨 That's a lot of YAML 🚨🚨</title>
+ <desc>"A silly emotional rant about the state of devops tooling/the infrastructure sector in 2018. #noyaml.com"</desc>
+ </bookmark>
+ <bookmark href="https://codeclimate.com/blog/rails-remote-code-execution-vulnerability-explained">
+ <title>Rails' remote code execution vulnerability explained | Code Climate</title>
+ <desc>(Article from 2013) Wherein automatic decoding of HTTP request bodies combined with YAML full-automatic footgun of representing native objects allowed to get full code execution in Rails applications.</desc>
+ </bookmark>
</xbel>
