CNNVD-202601-2989 Information
CNNVD ID
CNNVD-202601-2989
Related CVE
- CNNVD Published: 2026-01-19
Description (Chinese)
MyTube是Peifan Li个人开发者的一个视频自托管下载器和播放器。 MyTube 1.7.66之前版本存在安全漏洞,该漏洞源于roleBasedAuthMiddleware身份验证检查可被绕过,可能导致未经验证的用户访问和修改应用设置及受保护路由。
Description (English)
MyTube is a video self-hosted downloader and player for Peifan Li personal developer. The previous version of MyTube 1.7.66 had a security loophole, which originated from the roleBasedAuth Middleware identity check that could be bypassed and could lead to uncertified users accessing and modifying application settings and protected routes.
Hazard Level
Low
Vulnerability Type
其他
Affected Vendor
个人开发者
Published
2026-01-19
Last Modified
2026-02-24
References
https://github.com/franklioxygen/MyTube/security/advisories/GHSA-cmvj-g69f-8664 https://github.com/franklioxygen/MyTube/commit/f85ae9b0d6e4a6480c6af5b675a99069d08d496e https://access.redhat.com/security/cve/cve-2026-23837
Patch
https://github.com/franklioxygen/MyTube/tags
Share on: