CVE-2023-0297: Improper Control of Generation of Code ('Code Injection')

January 14, 2023 (updated June 15, 2023)

Code Injection in GitHub repository pyload/pyload prior to 0.5.0b3.dev31.

References

github.com/pyload/pyload/commit/7d73ba7919e594d783b3411d7ddb87885aea782d
huntr.dev/bounties/3fd606f7-83e1-4265-b083-2e1889a05e65
nvd.nist.gov/vuln/detail/CVE-2023-0297

Detect and mitigate CVE-2023-0297 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →