pkg:PyPI/spotipy

3 total CVEsCRITICAL1MEDIUM1LOW1

✅ Check your installed version

All known vulnerabilities

  • CRITICAL9.8CVE-2025-27154Spotipy's cache file, containing spotify auth token, is created with overly broad permissions
    from 0, < 2.25.1
  • MEDIUM5.4CVE-2023-23608Path traversal in spotipy
    from 0, < 2.22.1
  • LOW3.6CVE-2025-66040Spotipy has a XSS vulnerability in its OAuth callback server
    from 0, < 2.25.2