3 matches found
PT-2025-21569 · Spotipy · Spotipy
Name of the Vulnerable Software and Affected Versions: Spotipy versions prior to the commit that reverted the change commit 9dfb7177b8d7bb98a5a6014f8e6436812a47576f Description: The issue concerns the use of pull request target in .github/workflows/integration tests.yml, which can be exploited by...
discogrify (>=0.0.10 <=0.0.11), djtools (>=2.6.0 <=2.7.13rc13) +34 more potentially affected by CVE-2025-27154 via spotipy (>=2.10.0 <=2.25.0)
spotipy PYPI version =2.10.0, =0.0.10, =2.6.0, =0.0.3, =0.0.1, =0.2.0, =0.1.1, =0.1.0, =0.0.2.dev4, =0.2.0, =0.2.6 and more Source cves: CVE-2025-27154 Source advisory: OSV:GHSA-PWHH-Q4H6-W599...
discogrify (>=0.0.10 <=0.0.11), djtools (>=2.6.0 <=2.7.13rc13) +34 more potentially affected by CVE-2025-27154 via spotipy (>=2.10.0 <=2.25.0)
spotipy PYPI version =2.10.0, =0.0.10, =2.6.0, =0.0.3, =0.0.1, =0.2.0, =0.1.1, =0.1.0, =0.0.2.dev4, =0.2.0, =0.2.6 and more Source cves: CVE-2025-27154 Source advisory: SNYK:PYTHON-SPOTIPY-8757395...