pyLoad is the free and open-source Download Manager written in pure Python. A log injection vulnerability was identified in `pyload` allowing any unauthenticated actor to inject arbitrary messages into the logs gathered by `pyload`. Forged or otherwise, corrupted log files can be used to cover an attacker’s tracks or even to implicate another party in the commission of a malicious act. This vulnerability has been patched in version 0.5.0b3.dev77.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| pyload-ng(PyPI) | 0 | 0.5.0b3.dev77 | N/A |
CVSS Metrics
