Описание
Duplicate Advisory: pyload-ng vulnerable to RCE with js2py sandbox escape
Duplicate Advisory
This advisory has been withdrawn because it is a duplicate of GHSA-r9pp-r4xf-597r. This link is maintained to preserve external references.
Original Description
An issue in pyload-ng v0.5.0b3.dev85 running under python3.11 or below allows attackers to execute arbitrary code via a crafted HTTP request.
Пакеты
Наименование
pyload-ng
pip
Затронутые версииВерсия исправления
<= 0.5.0b3.dev85
Отсутствует