Input validation

Improper Restriction of Rendered UI Layers or Frames in GitHub repository pyload/pyload prior to 0.5.0b3.dev33...

GHSA-M3G7-WRRQ-V5C8 Pyload contains Sensitive Cookie in HTTPS Session Without 'Secure' Attribute

Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository pyload/pyload prior to 0.5.0b3.dev32. The Secure attribute for sensitive cookies in HTTPS sessions is not set, which could cause the user agent to send those cookies in plaintext over an HTTP session. This issue is...

Pyload contains Sensitive Cookie in HTTPS Session Without 'Secure' Attribute

Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository pyload/pyload prior to 0.5.0b3.dev32. The Secure attribute for sensitive cookies in HTTPS sessions is not set, which could cause the user agent to send those cookies in plaintext over an HTTP session. This issue is...

CVE-2023-0057 Improper Restriction of Rendered UI Layers or Frames in pyload/pyload

Improper Restriction of Rendered UI Layers or Frames in GitHub repository pyload/pyload prior to 0.5.0b3.dev33...

CVE-2023-0057 Improper Restriction of Rendered UI Layers or Frames in pyload/pyload

Improper Restriction of Rendered UI Layers or Frames in GitHub repository pyload/pyload prior to 0.5.0b3.dev33...

pyload 安全漏洞

pyload is a free and open source download manager written in Python, designed to be extremely lightweight, easily extensible and fully manageable over the Web. A security vulnerability exists in pyload versions prior to 0.5.0b3.dev33, which stems from an improper restriction in its rendering UI...

CVE-2023-0057

CVE-2023-0057 affects pyload/pyload prior to 0.5.0b3.dev33. The root cause is improper restriction of rendered UI layers or frames, enabling potential clickjacking by a remote attacker. Affected versions are pre-0.5.0b3.dev33. Remediation: update to 0.5.0b3.dev33 or later; or apply a workaround t...

CVE-2023-0057 Improper Restriction of Rendered UI Layers or Frames in pyload/pyload

Improper Restriction of Rendered UI Layers or Frames in GitHub repository pyload/pyload prior to 0.5.0b3.dev33...

CVE-2023-0055

Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository pyload/pyload prior to 0.5.0b3.dev32...

Session fixation

Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository pyload/pyload prior to 0.5.0b3.dev32...

PT-2023-15974 · Pypi · Pyload

Name of the Vulnerable Software and Affected Versions: pyload/pyload versions prior to 0.5.0b3.dev32 Description: The issue concerns a sensitive cookie in HTTPS sessions without the 'Secure' attribute set. This could cause the user agent to send those cookies in plaintext over an HTTP session...

CVE-2023-0055 Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in pyload/pyload

Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository pyload/pyload prior to 0.5.0b3.dev32...

CVE-2023-0055

CVE-2023-0055 affects the pyload/pyload project prior to version 0.5.0b3.dev32. The issue is leaking cookies in HTTPS sessions because the Secure attribute is not set on sensitive cookies, potentially allowing plaintext transmission. A fix is available in version 0.5.0b3.dev32. No exploitation de...

CVE-2023-0055 Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in pyload/pyload

Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository pyload/pyload prior to 0.5.0b3.dev32...

PT-2023-8312 · Pyload · Pyload

Name of the Vulnerable Software and Affected Versions: pyload versions prior to 0.5.0b3.dev33 Description: The issue is related to improper restriction of rendered UI layers or frames in the pyload software, which can be exploited by a remote attacker to conduct a clickjacking attack. This allows...

pyload 安全漏洞

pyload is a free and open source download manager written in Python, designed to be extremely lightweight, easily extensible, and fully manageable over the Web. pyload is a free and open source download manager written in Python. A security vulnerability exists in versions prior to pyload...

CVE-2023-0055 Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in pyload/pyload

Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository pyload/pyload prior to 0.5.0b3.dev32...

Inefficient Regular Expression Complexity in pyload/pyload

✍️ Description The pyload package is vulnerable to ReDoS regular expression denial of service. An attacker that is able to provide crafted HTML comments as input to the comments function of utils/web/purge.py may cause an application to consume an excessive amount of CPU. Below pinned line using...