Описание
pyLoad is the free and open-source Download Manager written in pure Python. Any unauthenticated user can browse to a specific URL to expose the Flask config, including the `SECRET_KEY` variable. This issue has been patched in version 0.5.0b3.dev77.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| pyload | itp | package |
EPSS
Процентиль: 99%
0.87321
Высокий
Связанные уязвимости
CVSS3: 7.5
nvd
около 2 лет назад
pyLoad is the free and open-source Download Manager written in pure Python. Any unauthenticated user can browse to a specific URL to expose the Flask config, including the `SECRET_KEY` variable. This issue has been patched in version 0.5.0b3.dev77.
CVSS3: 7.5
github
около 2 лет назад
pyload Unauthenticated Flask Configuration Leakage vulnerability
EPSS
Процентиль: 99%
0.87321
Высокий