Lucene search
+L

6 matches found

redhatcve
redhatcve
added 2025/04/26 6:21 p.m.22 views

CVE-2025-43858

YoutubeDLSharp is a wrapper for the command-line video downloaders youtube-dl and yt-dlp. In versions starting from 1.0.0-beta4 and prior to 1.1.2, an unsafe conversion of arguments allows the injection of a malicious commands when starting yt-dlp from a commands prompt running on Windows OS with...

9.2CVSS7.3AI score0.00236EPSS
Exploits0References1
nvd
nvd
added 2025/04/24 6:15 p.m.57 views

CVE-2025-43858

YoutubeDLSharp is a wrapper for the command-line video downloaders youtube-dl and yt-dlp. In versions starting from 1.0.0-beta4 and prior to 1.1.2, an unsafe conversion of arguments allows the injection of a malicious commands when starting yt-dlp from a commands prompt running on Windows OS with...

9.2CVSS0.00236EPSS
Exploits0References3
vulnrichment
vulnrichment
added 2025/04/24 6:4 p.m.13 views

CVE-2025-43858 YoutubeDLSharp allows command injection on windows system due to non sanitized arguments

YoutubeDLSharp is a wrapper for the command-line video downloaders youtube-dl and yt-dlp. In versions starting from 1.0.0-beta4 and prior to 1.1.2, an unsafe conversion of arguments allows the injection of a malicious commands when starting yt-dlp from a commands prompt running on Windows OS with...

9.2CVSS9.5AI score0.00236EPSS
Exploits0References3
cve
cve
added 2025/04/24 6:4 p.m.68 views

CVE-2025-43858

The CVE-2025-43858 issue affects YoutubeDLSharp where an unsafe conversion of arguments when launching yt-dlp on Windows (UseWindowsEncodingWorkaround = true by default) allows command injection. Affected versions are from 1.0.0-beta4 up to just before 1.1.2; the vulnerability occurs when argumen...

9.2CVSS7.3AI score0.00236EPSS
Exploits0References3
osv
osv
added 2025/04/24 6:4 p.m.16 views

CVE-2025-43858 YoutubeDLSharp allows command injection on windows system due to non sanitized arguments

YoutubeDLSharp is a wrapper for the command-line video downloaders youtube-dl and yt-dlp. In versions starting from 1.0.0-beta4 and prior to 1.1.2, an unsafe conversion of arguments allows the injection of a malicious commands when starting yt-dlp from a commands prompt running on Windows OS with...

9.2CVSS7AI score0.00236EPSS
Exploits0References5
circl
circl
added 2025/04/23 8:57 p.m.29 views

CVE-2025-43858

creationtimestamp| type| source ---|---|--- 2025-04-23 20:57:38+00:00| published-proof-of-concept| https://github.com/Bluegrams/YoutubeDLSharp/security/advisories/GHSA-2jh5-g5ch-43q5 2025-04-24 19:07:20+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114394506142543507 2025-04-24...

9.2CVSS5.7AI score0.00236EPSS
Exploits0References5
Rows per page
Query Builder