yt-dlp

Salvatore Bonaccorso (@carnil) Wed, 23 Jul 2025 14:09:51 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
1b542695 by Salvatore Bonaccorso at 2025-07-23T23:09:15+02:00
Add CVE-2025-54072/yt-dlp

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -99,7 +99,9 @@ CVE-2025-54137 (HAX CMS NodeJS allows users to manage their 
microsite universe w
 CVE-2025-54120 (PCL (Plain Craft Launcher) Community Edition is a Minecraft 
launcher.  ...)
        NOT-FOR-US: PCL (Plain Craft Launcher) Minecraft launcher
 CVE-2025-54072 (yt-dlp is a feature-rich command-line audio/video downloader. 
In versi ...)
-       TODO: check
+       - yt-dlp <not-affected> (Windows-specific)
+       NOTE: 
https://github.com/yt-dlp/yt-dlp/security/advisories/GHSA-45hg-7f49-5h56
+       NOTE: 
https://github.com/yt-dlp/yt-dlp/commit/959ac99e98c3215437e573c22d64be42d361e863
 (2025.07.21)
 CVE-2025-53882 (A Reliance on Untrusted Inputs in a Security Decision 
vulnerability in ...)
        TODO: check
 CVE-2025-53703 (DuraComm SPM-500 DP-10iN-100-MU   transmits sensitive data 
without enc ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1b542695c8962afe8012daf484df1f84772caf64

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1b542695c8962afe8012daf484df1f84772caf64
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Add CVE-2025-54072/yt-dlp

Reply via email to