CVE-2022-36082: Files or Directories Accessible to External Parties
(updated )
mangadex-downloader is a command-line tool to download manga from MangaDex. When using file:<location>
command and <location>
is a web URL location (http, https), mangadex-downloader between versions 1.3.0 and 1.7.2 will try to open and read a file in local disk for each line of website contents. Version 1.7.2 contains a patch for this issue.
References
Detect and mitigate CVE-2022-36082 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →