CVE-2023-46121 — HTTP Request Smuggling in Project Yt-dlp
Severity
3.7 LOW (NVD)
EPSS
0.1%
top 73.75%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
Published: Nov 15
Description
yt-dlp is a youtube-dl fork with additional features and fixes. The Generic Extractor in yt-dlp is vulnerable to an attacker setting an arbitrary proxy for a request to an arbitrary url, allowing the attacker to MITM the request made from yt-dlp's HTTP session. This could lead to cookie exfiltration in some cases. Version 2023.11.14 removed the ability to smuggle `http_headers` to the Generic extractor, as well as other extractors that use the same pattern. Users are advised to upgrade. Users un…
CVSS vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
Exploitability: 2.2 | Impact: 1.4
Affected Packages (5 packages)
Patches
Vulnerability Details (3)
Vendor Advisories (1)
Debian: CVE-2023-46121: yt-dlp - yt-dlp is a youtube-dl fork with additional features and fixes. The Generic Extr... (2023)