Lucene search
K

9 matches found

OSV
OSV
added 2024/04/10 5:7 p.m.26 views

GHSA-HJQ6-52GW-2G7P yt-dlp: `--exec` command injection when using `%q` in yt-dlp on Windows (Bypass of CVE-2023-40581)

Summary The patch that addressed CVE-2023-40581 attempted to prevent RCE when using --exec with %q by replacing double quotes with two double quotes. However, this escaping is not sufficient, and still allows expansion of environment variables. Support for output template expansion in --exec, alo...

8.3CVSS8.1AI score0.01254EPSS
Exploits1References9
NVD
NVD
added 2024/04/09 6:15 p.m.39 views

CVE-2024-22423

yt-dlp is a youtube-dl fork with additional features and fixes. The patch that addressed CVE-2023-40581 attempted to prevent RCE when using --exec with %q by replacing double quotes with two double quotes. However, this escaping is not sufficient, and still allows expansion of environment...

9.8CVSS8AI score0.01254EPSS
Exploits1References7
Debian CVE
Debian CVE
added 2024/04/09 5:22 p.m.39 views

CVE-2024-22423

yt-dlp is a youtube-dl fork with additional features and fixes. The patch that addressed CVE-2023-40581 attempted to prevent RCE when using --exec with %q by replacing double quotes with two double quotes. However, this escaping is not sufficient, and still allows expansion of environment...

9.8CVSS7.5AI score0.01254EPSS
Exploits1
AlpineLinux
AlpineLinux
added 2024/04/09 5:22 p.m.48 views

CVE-2024-22423

yt-dlp is a youtube-dl fork with additional features and fixes. The patch that addressed CVE-2023-40581 attempted to prevent RCE when using --exec with %q by replacing double quotes with two double quotes. However, this escaping is not sufficient, and still allows expansion of environment...

9.8CVSS8.1AI score0.01254EPSS
Exploits1
Circl
Circl
added 2023/09/25 10:39 p.m.7 views

CVE-2023-40581

creationtimestamp| type| source ---|---|--- 2023-09-25 22:39:32+00:00| seen| https://t.me/cibsecurity/71010 2026-01-05 22:32:20+00:00| seen| https://bsky.app/profile/euvd-bot.bsky.social/post/3mbpikwx7aw27...

8.3CVSS7.4AI score0.01292EPSS
Exploits1References2
CVE
CVE
added 2023/09/25 6:54 p.m.95 views

CVE-2023-40581

CVE-2023-40581 concerns yt-dlp on Windows, where the --exec flag can perform shell commands with output template expansion. The underlying issue is that the escaping for cmd.exe is insufficient, allowing remote code execution when supplied data contains crafted metadata. The vulnerability is tied...

8.3CVSS8.3AI score0.01292EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2023/09/25 5:33 p.m.34 views

GHSA-42H4-V29R-42QG yt-dlp on Windows vulnerable to `--exec` command injection when using `%q`

Impact yt-dlp allows the user to provide shell commands to be executed at various stages in its download process through the --exec flag. This flag allows output template expansion in its argument, so that video metadata values may be used in the shell commands. The metadata fields can be combine...

8.3CVSS8.2AI score0.01292EPSS
Exploits2References7
vulnersOsv
vulnersOsv
added 2023/09/25 5:33 p.m.10 views

africanwhisper (>=0.2.8 <=0.9.0), agentx-tools (>=0.2.0 <=0.7.1) +74 more potentially affected by CVE-2023-40581 +1 more via yt-dlp (>=2021.9.2 <=2023.7.6)

yt-dlp PYPI version =2021.9.2, =0.2.8, =0.2.0, =2023.3.3, =0.1.0, =0.3.0, =0.0.4, =1.4.0, =0.1.0, =1.0.2, =2.0.0a1, =11.7.1, =2.3.10, =3.0.1 and more Source cves: CVE-2023-40581, CVE-2024-22423 Source advisory: OSV:GHSA-42H4-V29R-42QG...

9.8CVSS7.3AI score0.01292EPSS
Exploits2
Github Security Blog
Github Security Blog
added 2023/09/25 5:33 p.m.65 views

yt-dlp on Windows vulnerable to `--exec` command injection when using `%q`

Impact yt-dlp allows the user to provide shell commands to be executed at various stages in its download process through the --exec flag. This flag allows output template expansion in its argument, so that video metadata values may be used in the shell commands. The metadata fields can be combine...

8.3CVSS7.9AI score0.01292EPSS
Exploits1References7Affected Software1
Rows per page
Query Builder