CVE-2025-62511 | zheny-creator YtGrabber-TUI up to 1.0.0 on Linux Setting config.json load_json_settings toctou (GHSA-hwwf-fq6p-rw9q)

Inserito da Angelo Barbosa | Ott 18, 2025 | CVE

A vulnerability, which was classified as problematic, was found in zheny-creator YtGrabber-TUI up to 1.0.0 on Linux. Impacted is the function load_json_settings of the file config.json of the component Setting Handler. Executing manipulation can lead to time-of-check time-of-use.

This vulnerability is registered as CVE-2025-62511. The attack needs to be launched locally. No exploit is available.

You should upgrade the affected component.

CVE-2025-62511 | zheny-creator YtGrabber-TUI up to 1.0.0 on Linux Setting config.json load_json_settings toctou (GHSA-hwwf-fq6p-rw9q)

Post correlati

CVE-2024-2742 | Planet IGS-4215-16T2S 1.305b210528 IP Address os command injection

CVE-2023-50436 | Couchbase Server up to 7.2.3 log file

CVE-2024-42053 | Splashtop Streamer up to 3.5.x on Windows Installation version.dll temp file

CVE-2025-7206 | D-Link DIR-825 2.10 httpd switch_language.cgi sub_410DDC Language stack-based overflow