Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Security Advisories (latest 2024-07-02: File system modification and remote code execution through unchecked file extension) #32832

Open
dirkf opened this issue Jul 2, 2024 · 0 comments
Open

Security Advisories (latest 2024-07-02: File system modification and remote code execution through unchecked file extension) #32832

dirkf opened this issue Jul 2, 2024 · 0 comments

Comments

@dirkf
Copy link
Contributor

dirkf commented Jul 2, 2024

This pinned issue lists Security Advisory issues applying to youtube-dl and shows their current status.

File system modification and remote code execution through unchecked file extension

Original SA GHSA-22fp-mf44-f2mq
Fixed in master code d42a222 or later and nightly releases tagged 2024-07-03 or later.

File Downloader cookie leak

Original SA GHSA-9jqj-9wwh-r5mg
Fixed in master code and nightly releases since 2023-07-18.
@dirkf dirkf pinned this issue Jul 2, 2024
@ytdl-org ytdl-org locked as resolved and limited conversation to collaborators Jul 2, 2024
@dirkf dirkf changed the title [Security Advisory] Master list (latest 2024-07-02: File system modification and remote code execution through unchecked file extension) Security Advisory list (latest 2024-07-02: File system modification and remote code execution through unchecked file extension) Jul 2, 2024
@dirkf dirkf changed the title Security Advisory list (latest 2024-07-02: File system modification and remote code execution through unchecked file extension) Security Advisories (latest 2024-07-02: File system modification and remote code execution through unchecked file extension) Jul 2, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@dirkf