3 matches found
aij (>=1.0.14 <=1.2.10), aiotube (>=1.2.0 <=1.2.2) +349 more potentially affected by CVE-2024-38519 via youtube-dl (>=2015.9.22 <=2021.12.17)
youtube-dl PYPI version =2015.9.22, =1.0.14, =1.2.0, =0.0.1, =1.3.0, =0.1.0, =0.0.4, =0.0.1b1, =2.1.2, =0.4.6, =1.0.3, =0.0.2, =0.0.3 and more Source cves: CVE-2024-38519 Source advisory: OSV:GHSA-22FP-MF44-F2MQ...
CVE-2024-38519
creationtimestamp| type| source ---|---|--- 2024-07-05 05:03:14+00:00| published-proof-of-concept| https://t.me/CNArsenal/2756 2024-07-05 05:10:16+00:00| published-proof-of-concept| Telegram/V1bxD-jcgLJhIO9UiHe8d1hYmveopVgEe6OZN4ebF4Ex04 2024-07-05 15:57:33+00:00| seen|...
DEBIAN-CVE-2024-38519
yt-dlp and youtube-dl are command-line audio/video downloaders. Prior to the fixed versions, yt-dlp and youtube-dl do not limit the extensions of downloaded files, which could lead to arbitrary filenames being created in the download folder and path traversal on Windows. Since yt-dlp and youtube-...