Lucene search
FreeBSDC3FB48CC-A2FF-11ED-8FBC-6CF0490A8C18HistoryJan 16, 2023 - 12:00 a.m.
Spotipy -- Path traversal vulnerability
2023-01-1600:00:00
vuxml.freebsd.org
10
spotipy
path traversal
vulnerability
api endpoint
stã©phane bruckert
unix
4.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
0.001 Low
EPSS
Percentile
30.7%
Stéphane Bruckert
If a malicious URI is passed to the library, the library can be tricked into performing an operation on a different API endpoint than intended.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| FreeBSD | any | noarch | py37-spotipy | <= 2.22.0 | UNKNOWN |
| FreeBSD | any | noarch | py38-spotipy | <= 2.22.0 | UNKNOWN |
| FreeBSD | any | noarch | py39-spotipy | <= 2.22.0 | UNKNOWN |
| FreeBSD | any | noarch | py310-spotipy | <= 2.22.0 | UNKNOWN |
| FreeBSD | any | noarch | py311-spotipy | <= 2.22.0 | UNKNOWN |
Related
nessus
nessus
prion
prion
Design/Logic Flaw
2023-01-26 21:18:00
osv
osv
CVE-2023-23608
2023-01-26 21:18:13
Path traversal in spotipy
2023-01-23 22:05:11
cve
cve
CVE-2023-23608
2023-01-26 21:18:13
cvelist
cvelist
nvd
nvd
CVE-2023-23608
2023-01-26 21:18:13
github
github
Path traversal in spotipy
2023-01-23 22:05:11
veracode
veracode
Path Traversal
2023-01-27 06:37:39
4.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
0.001 Low
EPSS
Percentile
30.7%
Related for C3FB48CC-A2FF-11ED-8FBC-6CF0490A8C18