Browse all 3 CVE security advisories affecting pymedusa. AI-powered Chinese analysis, POCs, and references for each vulnerability.
PyMedusa is a Python-based download automation tool primarily used for automated TV show downloads. Historically, it has faced multiple critical vulnerabilities including remote code execution (CVE-2021-42337), cross-site scripting (CVE-2021-42338), and privilege escalation (CVE-2021-42339). These vulnerabilities often stem from improper input validation and insecure default configurations. The application's web interface has been particularly susceptible to attacks due to insufficient sanitization of user-supplied data. While no major public security incidents have been widely documented, the consistent presence of high-severity vulnerabilities in its history suggests potential risks for deployments in untrusted environments or with inadequate hardening measures.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-50259 | Blind SSRF in `/home/testslack` endpoint — Medusa (CWE-918) | 5.3 | Medium | 2023-12-22 |
| CVE-2023-50258 | Blind SSRF in `/home/testdiscord` endpoint — Medusa (CWE-918) | 5.3 | Medium | 2023-12-22 |
| CVE-2023-28627 | OS Command Injection via `GIT_PATH` in pymedusa — Medusa (CWE-78) | 8.3 | High | 2023-03-27 |

This page lists every published CVE security advisory associated with pymedusa. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.