pyLoad is the free and open-source Download Manager written in pure Python. A log injection vulnerability was identified in pyload
allowing any unauthenticated actor to inject arbitrary messages into the logs gathered by pyload
. Forged or otherwise, corrupted log files can be used to cover an attackerβs tracks or even to implicate another party in the commission of a malicious act. This vulnerability has been patched in version 0.5.0b3.dev77.
CPE | Name | Operator | Version |
---|---|---|---|
pyload | le | 0.4.9 | |
pyload | eq | 0.5.0 beta1 | |
pyload | eq | 0.5.0 beta2 |