VYPR

Gdown

by Wkentaro

pypi: gdown

Source repositories

CVEs (1)

  • CVE-2026-40491MedApr 18, 2026
    risk 0.35cvss 6.5epss 0.01

    gdown is a Google Drive public file/folder downloader. Versions prior to 5.2.2 are vulnerable to a Path Traversal attack within the extractall functionality. When extracting a maliciously crafted ZIP or TAR archive, the library fails to sanitize or validate the filenames of the…