CVE-2024-24808

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-24808
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-24808.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-24808
Aliases
Published
2024-02-06T04:15:08Z
Modified
2024-10-12T11:19:04.503635Z
Severity
  • 6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
Summary
[none]
Details

pyLoad is an open-source Download Manager written in pure Python. There is an open redirect vulnerability due to incorrect validation of input values when redirecting users after login. pyLoad is validating URLs via the get_redirect_url function when redirecting users at login. This vulnerability has been patched with commit fe94451.

References

Affected packages

Git / github.com/pyload/pyload

Affected ranges

Type
GIT
Repo
https://github.com/pyload/pyload
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed

Affected versions

v0.*

v0.1
v0.1.1
v0.2
v0.2.1
v0.2.2
v0.3
v0.3.1
v0.3.2
v0.4
v0.4.1
v0.4.2
v0.4.3
v0.4.4
v0.4.5
v0.4.6
v0.4.7
v0.4.8
v0.4.9