CVE-2023-0509Improper Certificate Validation in Pyload

CWE-295Improper Certificate Validation4 documents4 sources
Severity
7.4HIGHNVD
EPSS
0.1%
top 65.39%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Pyload PyloadPyload-ng Project Pyload-ngPyload
Timeline
PublishedJan 26
Latest updateJan 27

Description

Improper Certificate Validation in GitHub repository pyload/pyload prior to 0.5.0b3.dev44.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:NExploitability: 2.2 | Impact: 5.2

Affected Packages4 packages

NVDpyload/pyload< 2023-01-25
CVEListV5pyload/pyload_pyloadunspecified0.5.0b3.dev44
NVDpyload-ng_project/pyload-ng< 0.5.0b3.dev44
PyPIpyload-ng_project/pyload-ng< 0.5.0b3.dev44

Patches

Patch: github.comPatch: huntr.devPatch: github.com

🔴Vulnerability Details

3
GHSA
Improper Certificate Validation in pyload-ng2023-01-27
OSV
Improper Certificate Validation in pyload-ng2023-01-27
CVEList
Improper Certificate Validation in pyload/pyload2023-01-26
CVE-2023-0509 — Improper Certificate Validation | cvebase