GHSA-25pw-q952-x37g: Duplicate Advisory: pyload-ng vulnerable to RCE with js2py sandbox escape
Duplicate Advisory
This advisory has been withdrawn because it is a duplicate of GHSA-r9pp-r4xf-597r. This link is maintained to preserve external references.
Original Description
An issue in pyload-ng v0.5.0b3.dev85 running under python3.11 or below allows attackers to execute arbitrary code via a crafted HTTP request.
References
Detect and mitigate GHSA-25pw-q952-x37g with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →