Reliance on Untrusted Inputs in a Security Decision
| Property | Value |
|---|---|
| Language | |
| Severity | |
| CWE | CWE-807: Reliance on Untrusted Inputs in a Security Decision |
| Confidence Level | High |
| Impact Level | Low |
| Likelihood Level | Low |
Description
Relying on `std::env::args_os()` for security decisions is unsafe because command-line arguments are supplied by whoever launches the process and can be modified or spoofed by users. The first argument, often assumed to be the executable path, can contain arbitrary content and should not be trusted.
Impact
If your application uses `std::env::args_os()` for authentication, authorization, or other security checks, attackers could manipulate process arguments to bypass protections or mislead the application, potentially leading to unauthorized access or incorrect behavior.
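The pattern this rule flags, next to a form that keeps arguments out of the decision, as an added example that is not part of the original rule page. The names `admin-tool`, `--admin`, `admin_mode_insecure`, `decide` and `caller_is_privileged` are hypothetical, and the privilege flag stands in for an identity check the caller cannot edit.

```rust
use std::ffi::{OsStr, OsString};
use std::path::Path;

/// Insecure: treats argv[0] as proof of which binary is running.
/// The launching process chooses argv[0], so any caller can set it.
fn admin_mode_insecure(args: &[OsString]) -> bool {
    args.first()
        .and_then(|a| Path::new(a).file_name())
        .map_or(false, |name| name == OsStr::new("admin-tool"))
}

#[derive(Debug, PartialEq)]
enum Decision {
    Admin,
    User,
    Denied,
}

/// Hardened: arguments only express what the caller *requests*.
/// The grant depends on `caller_is_privileged`, which must come from a
/// source the caller cannot edit (assumption: e.g. an OS identity check).
fn decide(args: &[OsString], caller_is_privileged: bool) -> Decision {
    // Skip argv[0]; it may be missing or hold arbitrary text.
    let wants_admin = args
        .iter()
        .skip(1)
        .any(|a| a.as_os_str() == OsStr::new("--admin"));
    match (wants_admin, caller_is_privileged) {
        (true, true) => Decision::Admin,
        (true, false) => Decision::Denied,
        (false, _) => Decision::User,
    }
}

fn main() {
    let args: Vec<OsString> = std::env::args_os().collect();
    // Constructed stand-in for a real identity check; always unprivileged here.
    let privileged = false;
    println!("insecure check: {}", admin_mode_insecure(&args));
    println!("hardened check: {:?}", decide(&args, privileged));
}
```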