CNNVD-202510-2461 Information
CNNVD ID
CNNVD-202510-2461
Related CVE
- CNNVD Published: 2025-10-17
Description (Chinese)
YtGrabber-TUI是Женя Бородин个人开发者的一个软件的界面。 YtGrabber-TUI 1.0版本存在安全漏洞,该漏洞源于默认配置文件config.json创建过程中存在TOCTOU竞争条件,可能导致任意文件覆盖。
Description (English)
YtGrabber-TUI is an interface for a software that’s fast-tracking and givin’ me a personal developer. There is a security loophole in YtGrabber-TUI Version 1.0, which stems from the fact that the default configuration file config.json was created with a TOCTOU competitive condition, which could lead to arbitrary document coverage.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
个人开发者
Published
2025-10-17
Last Modified
2026-02-24
References
https://github.com/zheny-creator/YtGrabber-TUI/security/advisories/GHSA-hwwf-fq6p-rw9q https://github.com/zheny-creator/YtGrabber-TUI/commit/bf065e833820bb4253a70a4c1dc6b843c6d8bf21 https://access.redhat.com/security/cve/cve-2025-62511
Patch
https://github.com/zheny-creator/YtGrabber-TUI/releases
Share on: