PT-2024-40055 · Phantomjs +2 · Phantomjs +2

Name of the Vulnerable Software and Affected Versions: yt-dlp versions prior to 2024.07.07 Description: The issue arises from yt-dlp's DouyuTV and DouyuShow extractors using a URL from cdn.bootcdn.net as a fallback for fetching a component of the crypto-js JavaScript library. This URL is owned by...