pkg:PyPI/yt-dlp

共 6 筆 CVEHIGH4MEDIUM2

✅ 檢查你的版本

所有已知漏洞

  • HIGH8.8CVE-2026-26331yt-dlp: Arbitrary Command Injection when using the `--netrc-cmd` option
    >= 2023.06.21, < 2026.02.21
  • HIGH8.3CVE-2024-22423yt-dlp: `--exec` command injection when using `%q` in yt-dlp on Windows (Bypass of CVE-2023-40581)
    >= 2021.04.11, < 2024.04.09
  • HIGH8.3CVE-2023-40581yt-dlp on Windows vulnerable to `--exec` command injection when using `%q`
    >= 2021.04.11, < 2023.09.24
  • HIGH7.8CVE-2024-38519yt-dlp File system modification and RCE through improper file-extension sanitization
    from 0, < 2024.07.01
  • MEDIUM6.1CVE-2023-35934yt-dlp File Downloader cookie leak
    from 0, < 2023.7.06
  • MEDIUM5.0CVE-2023-46121yt-dlp Generic Extractor MITM Vulnerability via Arbitrary Proxy Injection
    >= 2022.10.04, < 2023.11.14