6 matches found
CVE-2022-31536
The jaygarza1982/ytdl-sync repository through 2021-01-02 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31536
The jaygarza1982/ytdl-sync repository through 2021-01-02 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31536
The jaygarza1982/ytdl-sync repository through 2021-01-02 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
Path traversal
The jaygarza1982/ytdl-sync repository through 2021-01-02 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31536
CVE-2022-31536 affects the repository by jaygarza1982/ytdl-sync up to 2021-01-02, where an unsafe use of Flask’s send_file enables absolute path traversal. Documented impact includes partial confidentiality/partial availability (CVSS v3.1 base score 9.3; network attack, no privileges, no user int...
ytdl-sync 路径遍历漏洞
The ytdl-sync repository is a web interface for YTDL by Jake Garza, an individual developer in the United States. A security vulnerability exists in ytdl version 2021-01-02 and earlier, which stems from an incorrect call to Flask's sendfile function that results in absolute path traversal...