CVE-2024-21645
pyload is affected by a Log Injection vulnerability (CVE-2024-21645) that allows any unauthenticated actor to inject arbitrary log messages into pyload logs. The root cause is insufficient escaping of certain input (e.g., newline in username) which corrupts log entries. Impact: forged or corrupte...