Y
Hacker News
new
|
ask
|
show
|
jobs
by
singron
257 days ago
Godot has a known issue where the built in deserialization can lead to arbitrary code execution. E.g. a save file could be modified to execute any script when it's deserialized.