GHSA-2wcm-vx67-3x4q: Duplicate Advisory: GHSA-x698-5hjm-w2m5

July 8, 2025 (updated November 10, 2025)

Duplicate Advisory

This advisory has been withdrawn because it is a duplicate of GHSA-x698-5hjm-w2m5. This link is maintained to preserve external references.

Original Description

Any unauthenticated attacker can bypass the localhost restrictions posed by the application and utilize this to create arbitrary packages

References

github.com/advisories/GHSA-2wcm-vx67-3x4q
github.com/pyload/pyload
github.com/pyload/pyload/security/advisories/GHSA-x698-5hjm-w2m5
nvd.nist.gov/vuln/detail/CVE-2025-7346

Code Behaviors & Features

Detect and mitigate GHSA-2wcm-vx67-3x4q with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →