Lucene search
K

12 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2023-35934

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - yt-dlp is a command-line program to download videos from video sites. During file downloads, yt-dlp or the external downloaders that yt-dlp employs may leak...

8.2CVSS7.5AI score0.01038EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2024/03/04 12:0 a.m.35 views

openSUSE: Security Advisory for yt (openSUSE-SU-2023:0374-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.2CVSS6.2AI score0.01038EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2023/08/26 12:0 a.m.18 views

Fedora: Security Advisory for youtube-dl (FEDORA-2023-1f11546a48)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.2CVSS8.3AI score0.01038EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/08/25 12:0 a.m.24 views

Fedora 38 : youtube-dl (2023-1f11546a48)

The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-1f11546a48 advisory. Update to latest upstream git snapshot. Various changes, including bug fix for cookie leak vulnerability. Tenable has extracted the preceding description blo...

8.2CVSS7.7AI score0.01038EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2023/07/13 12:0 a.m.17 views

Fedora: Security Advisory for yt-dlp (FEDORA-2023-79e2b35ba6)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.2CVSS8.3AI score0.01038EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/07/12 12:0 a.m.23 views

Fedora 37 : yt-dlp (2023-79e2b35ba6)

The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-79e2b35ba6 advisory. Update to 2023.07.06. Mitigates CVE-2023-35934 / GHSA-v8mc-9377-rwjj. ---- Update to 2023.06.22. Fixes rhbz2216612. ---- Update to 2023.06.21. Fixes...

8.2CVSS7.7AI score0.01038EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/07/09 12:0 a.m.18 views

Fedora 38 : yt-dlp (2023-9f3938e10d)

The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-9f3938e10d advisory. Update to 2023.07.06. Mitigates CVE-2023-35934 / GHSA-v8mc-9377-rwjj Tenable has extracted the preceding description block directly from the Fedora security...

8.2CVSS7.7AI score0.01038EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2023/07/06 7:47 p.m.5 views

africanwhisper (>=0.2.8 <=0.9.0), agentx-tools (>=0.2.0 <=0.7.1) +70 more potentially affected by CVE-2023-35934 via yt-dlp (>=2021.9.2 <=2023.6.22)

yt-dlp PYPI version =2021.9.2, =0.2.8, =0.2.0, =2023.3.3, =0.1.0, =0.3.0, =0.0.4, =1.4.0, =0.1.0, =1.0.2, =2.0.0a1, =11.7.1, =2.3.10, =3.0.1 and more Source cves: CVE-2023-35934 Source advisory: OSV:GHSA-V8MC-9377-RWJJ...

8.2CVSS7.4AI score0.01038EPSS
Exploits0
OSV
OSV
added 2023/07/06 7:47 p.m.19 views

GHSA-V8MC-9377-RWJJ yt-dlp File Downloader cookie leak

Impact During file downloads, yt-dlp or the external downloaders that yt-dlp employs may leak cookies on HTTP redirects to a different host, or leak them when the host for download fragments differs from their parent manifest's host. This vulnerable behavior is present in all versions of...

6.1CVSS7AI score0.01038EPSS
Exploits0References12
CVE
CVE
added 2023/07/06 7:39 p.m.105 views

CVE-2023-35934

CVE-2023-35934 affects yt-dlp prior to 2023.07.06 and nightly 2023.07.06.185519. The issue: during file downloads, yt-dlp or its external downloaders may leak cookies by sending them as a Cookie header, including in the info JSON, causing cookies to be sent to domains/paths not scoped. All native...

8.2CVSS7AI score0.01038EPSS
Exploits0References10Affected Software3
Debian CVE
Debian CVE
added 2023/07/06 7:39 p.m.21 views

CVE-2023-35934

yt-dlp is a command-line program to download videos from video sites. During file downloads, yt-dlp or the external downloaders that yt-dlp employs may leak cookies on HTTP redirects to a different host, or leak them when the host for download fragments differs from their parent manifest's host...

8.2CVSS8.1AI score0.01038EPSS
Exploits0
OSV
OSV
added 2023/07/06 7:39 p.m.21 views

CVE-2023-35934 yt-dlp File Downloader cookie leak

yt-dlp is a command-line program to download videos from video sites. During file downloads, yt-dlp or the external downloaders that yt-dlp employs may leak cookies on HTTP redirects to a different host, or leak them when the host for download fragments differs from their parent manifest's host...

6.1CVSS8.1AI score0.01038EPSS
Exploits0References12
Rows per page
Query Builder