cbcvebase.
CVE-2023-0227
published 2023-01-12

CVE-2023-0227: Insufficient Session Expiration in GitHub repository pyload/pyload prior to 0.5.0b3.dev36.

PriorityP430medium6.5CVSS 3.1
AVNACLPRLUINSUCHINAN
EPSS
0.66%
46.7th percentile
Insufficient Session Expiration in GitHub repository pyload/pyload prior to 0.5.0b3.dev36.

Affected

4 ranges
VendorProductVersion rangeFixed in
pyload-ng_projectpyload-ng>= 0 < 0.5.0b3.dev360.5.0b3.dev36
pyload-ng_projectpyload-ng0 – 0.5.0b3.dev97
pyloadpyload< 2023-01-122023-01-12
pyloadpyload_pyload>= unspecified < 0.5.0b3.dev360.5.0b3.dev36

CVSS provenance

nvdv3.16.5MEDIUMCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
nvdv3.08.3HIGHCVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H
ghsa6.5MEDIUM
vendor_oracle7.5HIGH
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.