Package | Installed | Affected | Info |
---|---|---|---|
youtube-dl | 2021.12.17 | <=2021.12.17 |
show Youtube-dl 2021.12.17 and prior versions are vulnerable to CVE-2023-35934: It may leak cookies on HTTP redirects to a different host, or leak them when the host for download fragments differs from their parent manifest's host. https://github.com/yt-dlp/yt-dlp/security/advisories/GHSA-v8mc-9377-rwjj |
youtube-dl | 2021.12.17 | >=0,<2023.7.06 |
show yt-dlp is a command-line program to download videos from video sites. During file downloads, yt-dlp or the external downloaders that yt-dlp employs may leak cookies on HTTP redirects to a different host, or leak them when the host for download fragments differs from their parent manifest's host. This vulnerable behavior is present in yt-dlp prior to 2023.07.06 and nightly 2023.07.06.185519. All native and external downloaders are affected, except for `curl` and `httpie` (version 3.1.0 or later). |
Package | Installed | Affected | Info |
---|---|---|---|
youtube-dl | 2021.12.17 | <=2021.12.17 |
show Youtube-dl 2021.12.17 and prior versions are vulnerable to CVE-2023-35934: It may leak cookies on HTTP redirects to a different host, or leak them when the host for download fragments differs from their parent manifest's host. https://github.com/yt-dlp/yt-dlp/security/advisories/GHSA-v8mc-9377-rwjj |
youtube-dl | 2021.12.17 | >=0,<2023.7.06 |
show yt-dlp is a command-line program to download videos from video sites. During file downloads, yt-dlp or the external downloaders that yt-dlp employs may leak cookies on HTTP redirects to a different host, or leak them when the host for download fragments differs from their parent manifest's host. This vulnerable behavior is present in yt-dlp prior to 2023.07.06 and nightly 2023.07.06.185519. All native and external downloaders are affected, except for `curl` and `httpie` (version 3.1.0 or later). |
Package | Installed | Affected | Info |
---|---|---|---|
youtube-dl | 2021.12.17 | <=2021.12.17 |
show Youtube-dl 2021.12.17 and prior versions are vulnerable to CVE-2023-35934: It may leak cookies on HTTP redirects to a different host, or leak them when the host for download fragments differs from their parent manifest's host. https://github.com/yt-dlp/yt-dlp/security/advisories/GHSA-v8mc-9377-rwjj |
youtube-dl | 2021.12.17 | >=0,<2023.7.06 |
show yt-dlp is a command-line program to download videos from video sites. During file downloads, yt-dlp or the external downloaders that yt-dlp employs may leak cookies on HTTP redirects to a different host, or leak them when the host for download fragments differs from their parent manifest's host. This vulnerable behavior is present in yt-dlp prior to 2023.07.06 and nightly 2023.07.06.185519. All native and external downloaders are affected, except for `curl` and `httpie` (version 3.1.0 or later). |
Package | Installed | Affected | Info |
---|---|---|---|
youtube-dl | 2021.12.17 | <=2021.12.17 |
show Youtube-dl 2021.12.17 and prior versions are vulnerable to CVE-2023-35934: It may leak cookies on HTTP redirects to a different host, or leak them when the host for download fragments differs from their parent manifest's host. https://github.com/yt-dlp/yt-dlp/security/advisories/GHSA-v8mc-9377-rwjj |
youtube-dl | 2021.12.17 | >=0,<2023.7.06 |
show yt-dlp is a command-line program to download videos from video sites. During file downloads, yt-dlp or the external downloaders that yt-dlp employs may leak cookies on HTTP redirects to a different host, or leak them when the host for download fragments differs from their parent manifest's host. This vulnerable behavior is present in yt-dlp prior to 2023.07.06 and nightly 2023.07.06.185519. All native and external downloaders are affected, except for `curl` and `httpie` (version 3.1.0 or later). |
Package | Installed | Affected | Info |
---|---|---|---|
youtube-dl | 2021.12.17 | <=2021.12.17 |
show Youtube-dl 2021.12.17 and prior versions are vulnerable to CVE-2023-35934: It may leak cookies on HTTP redirects to a different host, or leak them when the host for download fragments differs from their parent manifest's host. https://github.com/yt-dlp/yt-dlp/security/advisories/GHSA-v8mc-9377-rwjj |
youtube-dl | 2021.12.17 | >=0,<2023.7.06 |
show yt-dlp is a command-line program to download videos from video sites. During file downloads, yt-dlp or the external downloaders that yt-dlp employs may leak cookies on HTTP redirects to a different host, or leak them when the host for download fragments differs from their parent manifest's host. This vulnerable behavior is present in yt-dlp prior to 2023.07.06 and nightly 2023.07.06.185519. All native and external downloaders are affected, except for `curl` and `httpie` (version 3.1.0 or later). |
Package | Installed | Affected | Info |
---|---|---|---|
Pygments | 2.4.2 | >=1.5,<2.7.4 |
show Pygments 2.7.4 includes a fix for CVE-2021-20270: An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when performing syntax highlighting of a Standard ML (SML) source file, as demonstrated by input that only contains the "exception" keyword. |
Pygments | 2.4.2 | >=1.1,<2.7.4 |
show Pygments 2.7.4 includes a fix for CVE-2021-27291: In pygments 1.1+, fixed in 2.7.4, the lexers used to parse programming languages rely heavily on regular expressions. Some of the regular expressions have exponential or cubic worst-case complexity and are vulnerable to ReDoS. By crafting malicious input, an attacker can cause a denial of service. |
Pygments | 2.4.2 | <2.15.0 |
show Pygments 2.15.0 includes a fix for CVE-2022-40896: The regular expressions used when parsing Smithy, SQL/SQL+Jinja, and Java properties files were discovered to be vulnerable. As a result, pygmentizing a maliciously-crafted file of these kinds would have resulted in high resources consumption or crashing of the application. https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages-part-2 |
youtube-dl | 2021.12.17 | <=2021.12.17 |
show Youtube-dl 2021.12.17 and prior versions are vulnerable to CVE-2023-35934: It may leak cookies on HTTP redirects to a different host, or leak them when the host for download fragments differs from their parent manifest's host. https://github.com/yt-dlp/yt-dlp/security/advisories/GHSA-v8mc-9377-rwjj |
youtube-dl | 2021.12.17 | >=0,<2023.7.06 |
show yt-dlp is a command-line program to download videos from video sites. During file downloads, yt-dlp or the external downloaders that yt-dlp employs may leak cookies on HTTP redirects to a different host, or leak them when the host for download fragments differs from their parent manifest's host. This vulnerable behavior is present in yt-dlp prior to 2023.07.06 and nightly 2023.07.06.185519. All native and external downloaders are affected, except for `curl` and `httpie` (version 3.1.0 or later). |
Package | Installed | Affected | Info |
---|---|---|---|
Pygments | 2.4.2 | >=1.5,<2.7.4 |
show Pygments 2.7.4 includes a fix for CVE-2021-20270: An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when performing syntax highlighting of a Standard ML (SML) source file, as demonstrated by input that only contains the "exception" keyword. |
Pygments | 2.4.2 | >=1.1,<2.7.4 |
show Pygments 2.7.4 includes a fix for CVE-2021-27291: In pygments 1.1+, fixed in 2.7.4, the lexers used to parse programming languages rely heavily on regular expressions. Some of the regular expressions have exponential or cubic worst-case complexity and are vulnerable to ReDoS. By crafting malicious input, an attacker can cause a denial of service. |
Pygments | 2.4.2 | <2.15.0 |
show Pygments 2.15.0 includes a fix for CVE-2022-40896: The regular expressions used when parsing Smithy, SQL/SQL+Jinja, and Java properties files were discovered to be vulnerable. As a result, pygmentizing a maliciously-crafted file of these kinds would have resulted in high resources consumption or crashing of the application. https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages-part-2 |
youtube-dl | 2021.12.17 | <=2021.12.17 |
show Youtube-dl 2021.12.17 and prior versions are vulnerable to CVE-2023-35934: It may leak cookies on HTTP redirects to a different host, or leak them when the host for download fragments differs from their parent manifest's host. https://github.com/yt-dlp/yt-dlp/security/advisories/GHSA-v8mc-9377-rwjj |
youtube-dl | 2021.12.17 | >=0,<2023.7.06 |
show yt-dlp is a command-line program to download videos from video sites. During file downloads, yt-dlp or the external downloaders that yt-dlp employs may leak cookies on HTTP redirects to a different host, or leak them when the host for download fragments differs from their parent manifest's host. This vulnerable behavior is present in yt-dlp prior to 2023.07.06 and nightly 2023.07.06.185519. All native and external downloaders are affected, except for `curl` and `httpie` (version 3.1.0 or later). |
Package | Installed | Affected | Info |
---|---|---|---|
youtube-dl | 2021.12.17 | <=2021.12.17 |
show Youtube-dl 2021.12.17 and prior versions are vulnerable to CVE-2023-35934: It may leak cookies on HTTP redirects to a different host, or leak them when the host for download fragments differs from their parent manifest's host. https://github.com/yt-dlp/yt-dlp/security/advisories/GHSA-v8mc-9377-rwjj |
youtube-dl | 2021.12.17 | >=0,<2023.7.06 |
show yt-dlp is a command-line program to download videos from video sites. During file downloads, yt-dlp or the external downloaders that yt-dlp employs may leak cookies on HTTP redirects to a different host, or leak them when the host for download fragments differs from their parent manifest's host. This vulnerable behavior is present in yt-dlp prior to 2023.07.06 and nightly 2023.07.06.185519. All native and external downloaders are affected, except for `curl` and `httpie` (version 3.1.0 or later). |
Package | Installed | Affected | Info |
---|---|---|---|
youtube-dl | 2021.12.17 | <=2021.12.17 |
show Youtube-dl 2021.12.17 and prior versions are vulnerable to CVE-2023-35934: It may leak cookies on HTTP redirects to a different host, or leak them when the host for download fragments differs from their parent manifest's host. https://github.com/yt-dlp/yt-dlp/security/advisories/GHSA-v8mc-9377-rwjj |
youtube-dl | 2021.12.17 | >=0,<2023.7.06 |
show yt-dlp is a command-line program to download videos from video sites. During file downloads, yt-dlp or the external downloaders that yt-dlp employs may leak cookies on HTTP redirects to a different host, or leak them when the host for download fragments differs from their parent manifest's host. This vulnerable behavior is present in yt-dlp prior to 2023.07.06 and nightly 2023.07.06.185519. All native and external downloaders are affected, except for `curl` and `httpie` (version 3.1.0 or later). |
Package | Installed | Affected | Info |
---|---|---|---|
youtube-dl | 2021.12.17 | <=2021.12.17 |
show Youtube-dl 2021.12.17 and prior versions are vulnerable to CVE-2023-35934: It may leak cookies on HTTP redirects to a different host, or leak them when the host for download fragments differs from their parent manifest's host. https://github.com/yt-dlp/yt-dlp/security/advisories/GHSA-v8mc-9377-rwjj |
youtube-dl | 2021.12.17 | >=0,<2023.7.06 |
show yt-dlp is a command-line program to download videos from video sites. During file downloads, yt-dlp or the external downloaders that yt-dlp employs may leak cookies on HTTP redirects to a different host, or leak them when the host for download fragments differs from their parent manifest's host. This vulnerable behavior is present in yt-dlp prior to 2023.07.06 and nightly 2023.07.06.185519. All native and external downloaders are affected, except for `curl` and `httpie` (version 3.1.0 or later). |
Package | Installed | Affected | Info |
---|---|---|---|
youtube-dl | 2021.12.17 | <=2021.12.17 |
show Youtube-dl 2021.12.17 and prior versions are vulnerable to CVE-2023-35934: It may leak cookies on HTTP redirects to a different host, or leak them when the host for download fragments differs from their parent manifest's host. https://github.com/yt-dlp/yt-dlp/security/advisories/GHSA-v8mc-9377-rwjj |
youtube-dl | 2021.12.17 | >=0,<2023.7.06 |
show yt-dlp is a command-line program to download videos from video sites. During file downloads, yt-dlp or the external downloaders that yt-dlp employs may leak cookies on HTTP redirects to a different host, or leak them when the host for download fragments differs from their parent manifest's host. This vulnerable behavior is present in yt-dlp prior to 2023.07.06 and nightly 2023.07.06.185519. All native and external downloaders are affected, except for `curl` and `httpie` (version 3.1.0 or later). |
Package | Installed | Affected | Info |
---|---|---|---|
youtube-dl | 2021.12.17 | <=2021.12.17 |
show Youtube-dl 2021.12.17 and prior versions are vulnerable to CVE-2023-35934: It may leak cookies on HTTP redirects to a different host, or leak them when the host for download fragments differs from their parent manifest's host. https://github.com/yt-dlp/yt-dlp/security/advisories/GHSA-v8mc-9377-rwjj |
youtube-dl | 2021.12.17 | >=0,<2023.7.06 |
show yt-dlp is a command-line program to download videos from video sites. During file downloads, yt-dlp or the external downloaders that yt-dlp employs may leak cookies on HTTP redirects to a different host, or leak them when the host for download fragments differs from their parent manifest's host. This vulnerable behavior is present in yt-dlp prior to 2023.07.06 and nightly 2023.07.06.185519. All native and external downloaders are affected, except for `curl` and `httpie` (version 3.1.0 or later). |
Package | Installed | Affected | Info |
---|---|---|---|
Pygments | 2.4.2 | >=1.5,<2.7.4 |
show Pygments 2.7.4 includes a fix for CVE-2021-20270: An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when performing syntax highlighting of a Standard ML (SML) source file, as demonstrated by input that only contains the "exception" keyword. |
Pygments | 2.4.2 | >=1.1,<2.7.4 |
show Pygments 2.7.4 includes a fix for CVE-2021-27291: In pygments 1.1+, fixed in 2.7.4, the lexers used to parse programming languages rely heavily on regular expressions. Some of the regular expressions have exponential or cubic worst-case complexity and are vulnerable to ReDoS. By crafting malicious input, an attacker can cause a denial of service. |
Pygments | 2.4.2 | <2.15.0 |
show Pygments 2.15.0 includes a fix for CVE-2022-40896: The regular expressions used when parsing Smithy, SQL/SQL+Jinja, and Java properties files were discovered to be vulnerable. As a result, pygmentizing a maliciously-crafted file of these kinds would have resulted in high resources consumption or crashing of the application. https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages-part-2 |
youtube-dl | 2021.12.17 | <=2021.12.17 |
show Youtube-dl 2021.12.17 and prior versions are vulnerable to CVE-2023-35934: It may leak cookies on HTTP redirects to a different host, or leak them when the host for download fragments differs from their parent manifest's host. https://github.com/yt-dlp/yt-dlp/security/advisories/GHSA-v8mc-9377-rwjj |
youtube-dl | 2021.12.17 | >=0,<2023.7.06 |
show yt-dlp is a command-line program to download videos from video sites. During file downloads, yt-dlp or the external downloaders that yt-dlp employs may leak cookies on HTTP redirects to a different host, or leak them when the host for download fragments differs from their parent manifest's host. This vulnerable behavior is present in yt-dlp prior to 2023.07.06 and nightly 2023.07.06.185519. All native and external downloaders are affected, except for `curl` and `httpie` (version 3.1.0 or later). |
Package | Installed | Affected | Info |
---|---|---|---|
Pygments | 2.4.2 | >=1.5,<2.7.4 |
show Pygments 2.7.4 includes a fix for CVE-2021-20270: An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when performing syntax highlighting of a Standard ML (SML) source file, as demonstrated by input that only contains the "exception" keyword. |
Pygments | 2.4.2 | >=1.1,<2.7.4 |
show Pygments 2.7.4 includes a fix for CVE-2021-27291: In pygments 1.1+, fixed in 2.7.4, the lexers used to parse programming languages rely heavily on regular expressions. Some of the regular expressions have exponential or cubic worst-case complexity and are vulnerable to ReDoS. By crafting malicious input, an attacker can cause a denial of service. |
Pygments | 2.4.2 | <2.15.0 |
show Pygments 2.15.0 includes a fix for CVE-2022-40896: The regular expressions used when parsing Smithy, SQL/SQL+Jinja, and Java properties files were discovered to be vulnerable. As a result, pygmentizing a maliciously-crafted file of these kinds would have resulted in high resources consumption or crashing of the application. https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages-part-2 |
youtube-dl | 2021.12.17 | <=2021.12.17 |
show Youtube-dl 2021.12.17 and prior versions are vulnerable to CVE-2023-35934: It may leak cookies on HTTP redirects to a different host, or leak them when the host for download fragments differs from their parent manifest's host. https://github.com/yt-dlp/yt-dlp/security/advisories/GHSA-v8mc-9377-rwjj |
youtube-dl | 2021.12.17 | >=0,<2023.7.06 |
show yt-dlp is a command-line program to download videos from video sites. During file downloads, yt-dlp or the external downloaders that yt-dlp employs may leak cookies on HTTP redirects to a different host, or leak them when the host for download fragments differs from their parent manifest's host. This vulnerable behavior is present in yt-dlp prior to 2023.07.06 and nightly 2023.07.06.185519. All native and external downloaders are affected, except for `curl` and `httpie` (version 3.1.0 or later). |
Package | Installed | Affected | Info |
---|---|---|---|
youtube-dl | 2021.12.17 | <=2021.12.17 |
show Youtube-dl 2021.12.17 and prior versions are vulnerable to CVE-2023-35934: It may leak cookies on HTTP redirects to a different host, or leak them when the host for download fragments differs from their parent manifest's host. https://github.com/yt-dlp/yt-dlp/security/advisories/GHSA-v8mc-9377-rwjj |
youtube-dl | 2021.12.17 | >=0,<2023.7.06 |
show yt-dlp is a command-line program to download videos from video sites. During file downloads, yt-dlp or the external downloaders that yt-dlp employs may leak cookies on HTTP redirects to a different host, or leak them when the host for download fragments differs from their parent manifest's host. This vulnerable behavior is present in yt-dlp prior to 2023.07.06 and nightly 2023.07.06.185519. All native and external downloaders are affected, except for `curl` and `httpie` (version 3.1.0 or later). |
https://pyup.io/repos/github/media-proxy/fs.youtube/python-3-shield.svg
[![Python 3](https://pyup.io/repos/github/media-proxy/fs.youtube/python-3-shield.svg)](https://pyup.io/repos/github/media-proxy/fs.youtube/)
.. image:: https://pyup.io/repos/github/media-proxy/fs.youtube/python-3-shield.svg :target: https://pyup.io/repos/github/media-proxy/fs.youtube/ :alt: Python 3
<a href="https://pyup.io/repos/github/media-proxy/fs.youtube/"><img src="https://pyup.io/repos/github/media-proxy/fs.youtube/shield.svg" alt="Python 3" /></a>
!https://pyup.io/repos/github/media-proxy/fs.youtube/python-3-shield.svg(Python 3)!:https://pyup.io/repos/github/media-proxy/fs.youtube/
{<img src="https://pyup.io/repos/github/media-proxy/fs.youtube/python-3-shield.svg" alt="Python 3" />}[https://pyup.io/repos/github/media-proxy/fs.youtube/]
https://pyup.io/repos/github/media-proxy/fs.youtube/shield.svg
[![Updates](https://pyup.io/repos/github/media-proxy/fs.youtube/shield.svg)](https://pyup.io/repos/github/media-proxy/fs.youtube/)
.. image:: https://pyup.io/repos/github/media-proxy/fs.youtube/shield.svg :target: https://pyup.io/repos/github/media-proxy/fs.youtube/ :alt: Updates
<a href="https://pyup.io/repos/github/media-proxy/fs.youtube/"><img src="https://pyup.io/repos/github/media-proxy/fs.youtube/shield.svg" alt="Updates" /></a>
!https://pyup.io/repos/github/media-proxy/fs.youtube/shield.svg(Updates)!:https://pyup.io/repos/github/media-proxy/fs.youtube/
{<img src="https://pyup.io/repos/github/media-proxy/fs.youtube/shield.svg" alt="Updates" />}[https://pyup.io/repos/github/media-proxy/fs.youtube/]