GHSA-25pw-q952-x37g – pyload-ng

Package

Manager: pip
Name: pyload-ng
Vulnerable Version: <0

Severity

Level: High

CVSS v3.1: N/A

CVSS v4.0: N/A

EPSS: N/A pctlN/A

Details

Duplicate Advisory: pyload-ng vulnerable to RCE with js2py sandbox escape ## Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-r9pp-r4xf-597r. This link is maintained to preserve external references. ## Original Description An issue in pyload-ng v0.5.0b3.dev85 running under python3.11 or below allows attackers to execute arbitrary code via a crafted HTTP request.

Metadata

Created: 2024-10-28T21:30:34Z
Modified: 2024-10-28T21:50:04Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/10/GHSA-25pw-q952-x37g/GHSA-25pw-q952-x37g.json
CWE IDs: []
Alternative ID: N/A
Finding: N/A
Auto approve: 0