Lucene search
K

2902 matches found

NVD
NVD
added 2023/12/04 1:15 a.m.14 views

CVE-2023-42721

In flv extractor, there is a possible missing verification incorrect input. This could lead to local denial of service with no additional execution privileges needed...

5.5CVSS0.00099EPSS
Exploits0References1
Prion
Prion
added 2023/12/04 1:15 a.m.19 views

Input validation

In flv extractor, there is a possible missing verification incorrect input. This could lead to local denial of service with no additional execution privileges needed...

1.7CVSS7AI score0.00099EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/12/04 12:54 a.m.31 views

CVE-2023-42721

The CVE-2023-42721 entry concerns the flv extractor component, where missing input validation is the reported root cause. This vulnerability could allow local denial of service without requiring user interaction or additional privileges, as described in multiple connected records (notably the Red...

5.5CVSS5.4AI score0.00099EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/12/04 12:54 a.m.9 views

CVE-2023-42721

In flv extractor, there is a possible missing verification incorrect input. This could lead to local denial of service with no additional execution privileges needed...

6.7AI score0.00099EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/12/04 12:54 a.m.18 views

CVE-2023-42721

In flv extractor, there is a possible missing verification incorrect input. This could lead to local denial of service with no additional execution privileges needed...

5.7AI score0.00099EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/12/04 12:0 a.m.3 views

UNISOC Chipsets Security Vulnerability

UNISOC Chipsets is a chipset from China's Purple Spreadtrum UNISOC. A security vulnerability exists in UNISOC Chipsets, which originates from a false input in the flv extractor module that lacks validation...

5.5CVSS6.8AI score0.00099EPSS
Exploits0References1
OSV
OSV
added 2023/11/18 7:0 p.m.5 views

OPENSUSE-SU-2023:0374-1 Security update for yt-dlp

This update for yt-dlp fixes the following issues: - Update to release 2023.11.14 Security: CVE-2023-46121 Patch Generic Extractor MITM Vulnerability via Arbitrary Proxy Injection Disallow smuggling of arbitrary httpheaders; extractors now only use specific headers - Make yt-dlp require the one...

8.2CVSS6.6AI score0.00902EPSS
Exploits0References5
OPENSUSE Linux
OPENSUSE Linux
added 2023/11/18 12:0 a.m.9 views

Security update for yt-dlp (moderate)

openSUSE Security Update: Security update for yt-dlp Announcement ID: openSUSE-SU-2023:0374-1 Rating: moderate References: 1213124 1216467 Cross-References: CVE-2023-35934 CVE-2023-46121 CVSS scores: CVE-2023-35934 NVD : 6.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N Affected Products: openSUSE...

8.2CVSS6.7AI score0.00902EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/11/16 1:54 a.m.3 views

SUSE CVE-2023-46121

yt-dlp is a youtube-dl fork with additional features and fixes. The Generic Extractor in yt-dlp is vulnerable to an attacker setting an arbitrary proxy for a request to an arbitrary url, allowing the attacker to MITM the request made from yt-dlp's HTTP session. This could lead to cookie...

3.7CVSS7AI score0.00318EPSS
Exploits0References4
NVD
NVD
added 2023/11/15 12:15 a.m.19 views

CVE-2023-46121

yt-dlp is a youtube-dl fork with additional features and fixes. The Generic Extractor in yt-dlp is vulnerable to an attacker setting an arbitrary proxy for a request to an arbitrary url, allowing the attacker to MITM the request made from yt-dlp's HTTP session. This could lead to cookie...

5CVSS0.00318EPSS
Exploits0References3
OSV
OSV
added 2023/11/15 12:15 a.m.4 views

DEBIAN-CVE-2023-46121

yt-dlp is a youtube-dl fork with additional features and fixes. The Generic Extractor in yt-dlp is vulnerable to an attacker setting an arbitrary proxy for a request to an arbitrary url, allowing the attacker to MITM the request made from yt-dlp's HTTP session. This could lead to cookie...

3.7CVSS5.2AI score0.00318EPSS
Exploits0References1
OSV
OSV
added 2023/11/15 12:15 a.m.2 views

UBUNTU-CVE-2023-46121

yt-dlp is a youtube-dl fork with additional features and fixes. The Generic Extractor in yt-dlp is vulnerable to an attacker setting an arbitrary proxy for a request to an arbitrary url, allowing the attacker to MITM the request made from yt-dlp's HTTP session. This could lead to cookie...

5CVSS5.9AI score0.00318EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2023/11/15 12:0 a.m.22 views

CVE-2023-46121

yt-dlp is a youtube-dl fork with additional features and fixes. The Generic Extractor in yt-dlp is vulnerable to an attacker setting an arbitrary proxy for a request to an arbitrary url, allowing the attacker to MITM the request made from yt-dlp's HTTP session. This could lead to cookie...

5CVSS6AI score0.00318EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2023/11/14 11:31 p.m.22 views

CVE-2023-46121 Generic Extractor MITM Vulnerability in yt-dlp

yt-dlp is a youtube-dl fork with additional features and fixes. The Generic Extractor in yt-dlp is vulnerable to an attacker setting an arbitrary proxy for a request to an arbitrary url, allowing the attacker to MITM the request made from yt-dlp's HTTP session. This could lead to cookie...

5CVSS6.8AI score0.00318EPSS
Exploits0References3
Cvelist
Cvelist
added 2023/11/14 11:31 p.m.21 views

CVE-2023-46121 Generic Extractor MITM Vulnerability in yt-dlp

yt-dlp is a youtube-dl fork with additional features and fixes. The Generic Extractor in yt-dlp is vulnerable to an attacker setting an arbitrary proxy for a request to an arbitrary url, allowing the attacker to MITM the request made from yt-dlp's HTTP session. This could lead to cookie...

5CVSS5.8AI score0.00318EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2023/11/14 11:31 p.m.15 views

CVE-2023-46121

yt-dlp is a youtube-dl fork with additional features and fixes. The Generic Extractor in yt-dlp is vulnerable to an attacker setting an arbitrary proxy for a request to an arbitrary url, allowing the attacker to MITM the request made from yt-dlp's HTTP session. This could lead to cookie...

5CVSS5AI score0.00318EPSS
Exploits0
CVE
CVE
added 2023/11/14 11:31 p.m.68 views

CVE-2023-46121

CVE-2023-46121 – yt-dlp Generic Extractor MitM vulnerability affects the yt-dlp project (a fork of youtube-dl) where the Generic Extractor could be fed an arbitrary proxy via a crafted URL, enabling a man-in-the-middle on the HTTP session and potential cookie exfiltration. Technical details acros...

5CVSS4.9AI score0.00318EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2023/11/14 11:31 p.m.23 views

CVE-2023-46121 Generic Extractor MITM Vulnerability in yt-dlp

yt-dlp is a youtube-dl fork with additional features and fixes. The Generic Extractor in yt-dlp is vulnerable to an attacker setting an arbitrary proxy for a request to an arbitrary url, allowing the attacker to MITM the request made from yt-dlp's HTTP session. This could lead to cookie...

5CVSS5AI score0.00318EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2023/11/14 11:31 p.m.21 views

CVE-2023-46121

yt-dlp is a youtube-dl fork with additional features and fixes. The Generic Extractor in yt-dlp is vulnerable to an attacker setting an arbitrary proxy for a request to an arbitrary url, allowing the attacker to MITM the request made from yt-dlp's HTTP session. This could lead to cookie...

5CVSS5.1AI score0.00318EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2023/11/14 12:0 a.m.3 views

PT-2023-29854 · Yt-Dlp +2 · Yt-Dlp +2

Name of the Vulnerable Software and Affected Versions: yt-dlp versions prior to 2023.11.14 Description: The Generic Extractor in yt-dlp is vulnerable to an attacker setting an arbitrary proxy for a request to an arbitrary URL, allowing the attacker to perform a Man-In-The-Middle MITM attack on th...

8.2CVSS6.8AI score0.00902EPSS
Exploits0References23
Rows per page
Query Builder