5 matches found
FreeBSD : Spotipy -- Path traversal vulnerability (c3fb48cc-a2ff-11ed-8fbc-6cf0490a8c18)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the c3fb48cc-a2ff-11ed-8fbc-6cf0490a8c18 advisory. - Spotipy is a light weight Python library for the Spotify Web API. In versions prior to 2.22.1, if a...
CVE-2023-23608
creationtimestamp| type| source ---|---|--- 2023-01-27 00:47:00+00:00| seen| https://t.me/cibsecurity/57008...
CVE-2023-23608 spotipy Path traversal vulnerability that may lead to type confusion in URI handling code
Spotipy is a light weight Python library for the Spotify Web API. In versions prior to 2.22.1, if a malicious URI is passed to the library, the library can be tricked into performing an operation on a different API endpoint than intended. The code Spotipy uses to parse URIs and URLs allows an...
CVE-2023-23608
Spotipy (Python library for Spotify Web API) versions prior to 2.22.1 are affected by a path-traversal issue in URI handling. The library’s URI/URL parsing can insert arbitrary characters into the API-request path (e.g., ".."), allowing requests to be redirected from one endpoint to another (such...
discogrify (>=0.0.10 <=0.0.11), djtools (>=2.6.0 <=2.7.13rc13) +14 more potentially affected by CVE-2023-23608 via spotipy (>=2.10.0 <=2.22.0)
spotipy PYPI version =2.10.0, =0.0.10, =2.6.0, =0.0.1, =0.1.0, =0.0.2.dev4, =1.0.0, =0.0.1, =6.0.0, =0.1.1, =0.1.0, =1.0.0, =1.3.0 and more Source cves: CVE-2023-23608 Source advisory: OSV:GHSA-Q764-G6FM-555V...