rudloff/alltube is vulnerable to server-side request forgery. The vulnerability exists in omposer.json
due to missing dependencies which allows an attacker to pass internal host names in the URL parameter and obtain information.
CPE | Name | Operator | Version |
---|---|---|---|
rudloff/alltube | le | 3.0.1 | |
rudloff/alltube | le | 3.0.1 |