Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
Spotipy ProjectSpotipy

2 matches found

CVE
CVEadded 2025/02/27 2:15 p.m.92 views

CVE-2025-27154

Spotipy is a lightweight Python library for the Spotify Web API. The CacheHandler class creates a cache file to store the auth token. Prior to version 2.25.1, the file created has rw-r--r-- (644) permissions by default, when it could be locked down to rw------- (600) permissions. This leads to over...

9.8CVSS6.8AI score0.0011EPSS
CVE
CVEadded 2023/01/26 9:18 p.m.88 views

CVE-2023-23608

Spotipy is a light weight Python library for the Spotify Web API. In versions prior to 2.22.1, if a malicious URI is passed to the library, the library can be tricked into performing an operation on a different API endpoint than intended. The code Spotipy uses to parse URIs and URLs allows an attac...

4.3CVSS4.3AI score0.00313EPSS