podcastfy@0.2.7 vulnerabilities

An Open Source alternative to NotebookLM's podcast feature: Transforming Multimodal Content into Captivating Multilingual Audio Conversations with GenAI

  • latest version

    0.4.1

  • latest non vulnerable version

  • first published

    2 months ago

  • latest version published

    1 month ago

  • licenses detected

  • Direct Vulnerabilities

    Known vulnerabilities in the podcastfy package. This does not include vulnerabilities belonging to this package’s dependencies.

    Vulnerability | Vulnerable Version
    • H
    Arbitrary File Upload

    podcastfy is an Open Source alternative to NotebookLM's podcast feature: Transforming Multimodal Content into Captivating Multilingual Audio Conversations with GenAI

    Affected versions of this package are vulnerable to Arbitrary File Upload because they allow images to be loaded from local path sources. Improperly managed file paths can lead to unauthorized access or injection attacks. The vulnerability arises from loading images via local paths instead of secure URLs.

    How to fix Arbitrary File Upload?

    Upgrade podcastfy to version 0.3.1 or higher.

    [,0.3.1)