VDB
CVE-2023-35934
CVE-2023-35934
PUBLISHED
CVSS 6.099999904632568 MEDIUM
yt-dlp File Downloader cookie leak
EPSS 0.69% · 72.2th percentile
Risk Scores
CVSS v3.1
6.099999904632568
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N
EPSS Score
0.69%
72.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| fedoraproject | fedora | 38, 37 |
| yt-dl | youtube-dl | 2015.01.25 |
| youtube-dlc_project | youtube-dlc | |
| yt-dlp | yt-dlp | yt-dlp < 2023.07.06, yt-dlp < nightly 2023.07.06.185519 |
| yt-dlp_project | yt-dlp | 0, 0 |
| PyPI | yt-dlp | 0 |
Timeline
- Jul 6, 2023 CVE Published
- Jul 7, 2023 EPSS Score
- Aug 11, 2023 EPSS Score
- Aug 25, 2023 CVE Updated
- Sep 15, 2023 EPSS Score
- Nov 23, 2023 EPSS Score
- Dec 28, 2023 EPSS Score
- Feb 1, 2024 EPSS Score
- Mar 6, 2024 EPSS Score
- Apr 10, 2024 EPSS Score
- Jun 19, 2024 EPSS Score
- Jul 23, 2024 EPSS Score
References
- https://github.com/yt-dlp/yt-dlp/security/advisories/GHSA-v8mc-9377-rwjj url
- https://github.com/yt-dlp/yt-dlp/commit/1ceb657bdd254ad961489e5060f2ccc7d556b729 url
- https://github.com/yt-dlp/yt-dlp/commit/3121512228487c9c690d3d39bfd2579addf96e07 url
- https://github.com/yt-dlp/yt-dlp/commit/f8b4bcc0a791274223723488bfbfc23ea3276641 url
- https://github.com/yt-dlp/yt-dlp-nightly-builds/releases/tag/2023.07.06.185519 url
- https://github.com/yt-dlp/yt-dlp/releases/tag/2023.07.06 url
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IM44RJL2MR2WG3ZY354C5IUEEZUJGEVA/ url
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5X6YT6AQE5FHM5VTQLKKJXSYBLLJF26W/ url
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HEOKCGVONGHR2SYUIXU33A4MKXZBDP6L/ url
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M7E7CQ5S5KMZHAMCNU7V7KYNBVCPLBHG/ url
- https://nvd.nist.gov/vuln/detail/CVE-2023-35934 advisory
- https://github.com/yt-dlp/yt-dlp package
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5X6YT6AQE5FHM5VTQLKKJXSYBLLJF26W url
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HEOKCGVONGHR2SYUIXU33A4MKXZBDP6L url
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IM44RJL2MR2WG3ZY354C5IUEEZUJGEVA url
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M7E7CQ5S5KMZHAMCNU7V7KYNBVCPLBHG url