### [CVE-2022-36082](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36082)
![](https://img.shields.io/static/v1?label=Product&message=mangadex-downloader&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-20%3A%20Improper%20Input%20Validation&color=brighgreen)

### Description

mangadex-downloader is a command-line tool to download manga from MangaDex. When using `file:<location>` command and `<location>` is a web URL location (http, https), mangadex-downloader between versions 1.3.0 and 1.7.2 will try to open and read a file in local disk for each line of website contents. Version 1.7.2 contains a patch for this issue.

### POC

#### Reference
- https://github.com/mansuf/mangadex-downloader/security/advisories/GHSA-r9x7-2xmr-v8fw

#### Github
No PoCs found on GitHub currently.