pyload 信任管理问题漏洞

pyload is a free and open source download manager written in Python, designed to be extremely lightweight, easily extensible and fully manageable over the web. A trust management issue vulnerability exists in versions prior to pyload 0.5.0b3.dev44, which stems from incorrect validation of...

PT-2023-16300 · Pyload · Pyload

Name of the Vulnerable Software and Affected Versions: pyload versions prior to 0.5.0b3.dev42 Description: The issue is related to Cross-site Scripting XSS - Stored. This means that an attacker can inject malicious scripts into a website, which are then stored on the server and executed by other...

CVE-2023-0509 Improper Certificate Validation in pyload/pyload

Improper Certificate Validation in GitHub repository pyload/pyload prior to 0.5.0b3.dev44...

CVE-2023-0488

CVE-2023-0488 is a Stored XSS in pyload/pyload prior to version 0.5.0b3.dev42. Multiple connected sources (PT-2023-16300, CNNVD, Red Hat, GHSA, OSV, NVD/CVE, CVELIST) describe the issue as a stored XSS in the GitHub repository. The vulnerability affects pyload’s web-facing input handling and can ...

CVE-2023-0509

CVE-2023-0509 affects the Python-based download manager pyload/pyload, with versions prior to 0.5.0b3.dev44 failing to validate TLS certificates. Root cause: improper certificate validation. Impact per sources: high risk to confidentiality and integrity; no availability impact indicated. Affected...

CVE-2023-0488 Cross-site Scripting (XSS) - Stored in pyload/pyload

Cross-site Scripting XSS - Stored in GitHub repository pyload/pyload prior to 0.5.0b3.dev42...

CVE-2023-0509 Improper Certificate Validation in pyload/pyload

Improper Certificate Validation in GitHub repository pyload/pyload prior to 0.5.0b3.dev44...

Excessive Attack Surface in pyload-ng

Excessive Attack Surface in GitHub repository pyload/pyload prior to 0.5.0b3.dev41...

GHSA-6JMX-PV77-WM5W Excessive Attack Surface in pyload-ng

Excessive Attack Surface in GitHub repository pyload/pyload prior to 0.5.0b3.dev41...

CVE-2023-0435

Excessive Attack Surface in GitHub repository pyload/pyload prior to 0.5.0b3.dev41...

Code injection

Excessive Attack Surface in GitHub repository pyload/pyload prior to 0.5.0b3.dev41...

Improper Input Validation in pyload-ng

Improper Input Validation in GitHub repository pyload/pyload prior to 0.5.0b3.dev40...

GHSA-X9VC-5Q77-M7X4 Improper Input Validation in pyload-ng

Improper Input Validation in GitHub repository pyload/pyload prior to 0.5.0b3.dev40...

CVE-2023-0434

Improper Input Validation in GitHub repository pyload/pyload prior to 0.5.0b3.dev40...

Input validation

Improper Input Validation in GitHub repository pyload/pyload prior to 0.5.0b3.dev40...

CVE-2023-0435 Excessive Attack Surface in pyload/pyload

Excessive Attack Surface in GitHub repository pyload/pyload prior to 0.5.0b3.dev41...

pyload 安全漏洞

pyload is a free and open source download manager written in Python, designed to be extremely lightweight, easily extensible and fully manageable over the Web. A security vulnerability exists in versions prior to pyload/pyload 0.5.0b3.dev41, which stems from the presence of too many attack surfac...

pyload 输入验证错误漏洞

pyload is a free and open source download manager written in Python, designed to be extremely lightweight, easily extensible and fully manageable over the web. An input validation error vulnerability exists in pyload versions prior to 0.5.0b3.dev40, which stems from improper input validation...

PT-2023-16267 · Pyload · Pyload

Name of the Vulnerable Software and Affected Versions: pyload/pyload versions prior to 0.5.0b3.dev41 Description: The issue concerns an excessive attack surface in the GitHub repository pyload/pyload. Recommendations: For versions prior to 0.5.0b3.dev41, update to version 0.5.0b3.dev41 or later t...

CVE-2023-0434 Improper Input Validation in pyload/pyload

Improper Input Validation in GitHub repository pyload/pyload prior to 0.5.0b3.dev40...