CVE-2024-38519
CVE-2024-38519 affects yt-dlp and youtube-dl: prior to fixes, the tools do not limit downloaded file extensions, enabling potential creation of arbitrary filenames and path traversal on Windows, with risk of arbitrary code execution due to config/files being read from the working directory. The i...