2899 matches found
CVE-2023-42721
In flv extractor, there is a possible missing verification incorrect input. This could lead to local denial of service with no additional execution privileges needed...
CVE-2023-42721
In flv extractor, there is a possible missing verification incorrect input. This could lead to local denial of service with no additional execution privileges needed...
CVE-2023-42721
The CVE-2023-42721 entry concerns the flv extractor component, where missing input validation is the reported root cause. This vulnerability could allow local denial of service without requiring user interaction or additional privileges, as described in multiple connected records (notably the Red...
UNISOC Chipsets Security Vulnerability
UNISOC Chipsets is a chipset from China's Purple Spreadtrum UNISOC. A security vulnerability exists in UNISOC Chipsets, which originates from a false input in the flv extractor module that lacks validation...
OPENSUSE-SU-2023:0374-1 Security update for yt-dlp
This update for yt-dlp fixes the following issues: - Update to release 2023.11.14 Security: CVE-2023-46121 Patch Generic Extractor MITM Vulnerability via Arbitrary Proxy Injection Disallow smuggling of arbitrary httpheaders; extractors now only use specific headers - Make yt-dlp require the one...
Security update for yt-dlp (moderate)
openSUSE Security Update: Security update for yt-dlp Announcement ID: openSUSE-SU-2023:0374-1 Rating: moderate References: 1213124 1216467 Cross-References: CVE-2023-35934 CVE-2023-46121 CVSS scores: CVE-2023-35934 NVD : 6.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N Affected Products: openSUSE...
SUSE CVE-2023-46121
yt-dlp is a youtube-dl fork with additional features and fixes. The Generic Extractor in yt-dlp is vulnerable to an attacker setting an arbitrary proxy for a request to an arbitrary url, allowing the attacker to MITM the request made from yt-dlp's HTTP session. This could lead to cookie...
DEBIAN-CVE-2023-46121
yt-dlp is a youtube-dl fork with additional features and fixes. The Generic Extractor in yt-dlp is vulnerable to an attacker setting an arbitrary proxy for a request to an arbitrary url, allowing the attacker to MITM the request made from yt-dlp's HTTP session. This could lead to cookie...
CVE-2023-46121
yt-dlp is a youtube-dl fork with additional features and fixes. The Generic Extractor in yt-dlp is vulnerable to an attacker setting an arbitrary proxy for a request to an arbitrary url, allowing the attacker to MITM the request made from yt-dlp's HTTP session. This could lead to cookie...
UBUNTU-CVE-2023-46121
yt-dlp is a youtube-dl fork with additional features and fixes. The Generic Extractor in yt-dlp is vulnerable to an attacker setting an arbitrary proxy for a request to an arbitrary url, allowing the attacker to MITM the request made from yt-dlp's HTTP session. This could lead to cookie...
CVE-2023-46121
yt-dlp is a youtube-dl fork with additional features and fixes. The Generic Extractor in yt-dlp is vulnerable to an attacker setting an arbitrary proxy for a request to an arbitrary url, allowing the attacker to MITM the request made from yt-dlp's HTTP session. This could lead to cookie...
CVE-2023-46121 Generic Extractor MITM Vulnerability in yt-dlp
yt-dlp is a youtube-dl fork with additional features and fixes. The Generic Extractor in yt-dlp is vulnerable to an attacker setting an arbitrary proxy for a request to an arbitrary url, allowing the attacker to MITM the request made from yt-dlp's HTTP session. This could lead to cookie...
CVE-2023-46121 Generic Extractor MITM Vulnerability in yt-dlp
yt-dlp is a youtube-dl fork with additional features and fixes. The Generic Extractor in yt-dlp is vulnerable to an attacker setting an arbitrary proxy for a request to an arbitrary url, allowing the attacker to MITM the request made from yt-dlp's HTTP session. This could lead to cookie...
CVE-2023-46121
yt-dlp is a youtube-dl fork with additional features and fixes. The Generic Extractor in yt-dlp is vulnerable to an attacker setting an arbitrary proxy for a request to an arbitrary url, allowing the attacker to MITM the request made from yt-dlp's HTTP session. This could lead to cookie...
CVE-2023-46121
CVE-2023-46121 – yt-dlp Generic Extractor MitM vulnerability affects the yt-dlp project (a fork of youtube-dl) where the Generic Extractor could be fed an arbitrary proxy via a crafted URL, enabling a man-in-the-middle on the HTTP session and potential cookie exfiltration. Technical details acros...
CVE-2023-46121
yt-dlp is a youtube-dl fork with additional features and fixes. The Generic Extractor in yt-dlp is vulnerable to an attacker setting an arbitrary proxy for a request to an arbitrary url, allowing the attacker to MITM the request made from yt-dlp's HTTP session. This could lead to cookie...
CVE-2023-46121 Generic Extractor MITM Vulnerability in yt-dlp
yt-dlp is a youtube-dl fork with additional features and fixes. The Generic Extractor in yt-dlp is vulnerable to an attacker setting an arbitrary proxy for a request to an arbitrary url, allowing the attacker to MITM the request made from yt-dlp's HTTP session. This could lead to cookie...
PT-2023-29854 · Yt-Dlp +2 · Yt-Dlp +2
Name of the Vulnerable Software and Affected Versions: yt-dlp versions prior to 2023.11.14 Description: The Generic Extractor in yt-dlp is vulnerable to an attacker setting an arbitrary proxy for a request to an arbitrary URL, allowing the attacker to perform a Man-In-The-Middle MITM attack on th...
PYSEC-2023-229
ArchiveBox is an open source self-hosted web archiving system. Any users who are using the wget extractor and view the content it outputs. The impact is potentially severe if you are logged in to the ArchiveBox admin site in the same browser session and view an archived malicious page designed to...
PT-2023-29705 · Unknown +1 · Archivebox +1
Name of the Vulnerable Software and Affected Versions: ArchiveBox affected versions not specified Description: The issue affects users of the wget extractor who view the content it outputs. If a user is logged in to the ArchiveBox admin site in the same browser session and views an archived...