Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
mangadex-downloader vulnerable to unauthorized file reading
Vulnerability Description
mangadex-downloader is a command-line tool to download manga from MangaDex. When using `file:<location>` command and `<location>` is a web URL location (http, https), mangadex-downloader between versions 1.3.0 and 1.7.2 will try to open and read a file in local disk for each line of website contents. Version 1.7.2 contains a patch for this issue.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
输入验证不恰当
Vulnerability Title
mangadex-downloader 输入验证错误漏洞
Vulnerability Description
mangadex-downloader是Rahman Yusuf个人开发者的一个从 MangaDex 下载漫画的命令行工具。 mangadex-downloader 1.7.2之前版本存在输入验证错误漏洞,该漏洞源于当使用file:<location>命令且<location>是Web URL位置时,将尝试为每一行网站内容打开并读取本地磁盘中的文件。
CVSS Information
N/A
Vulnerability Type
N/A