This repository has been archived by the owner on Apr 22, 2023. It is now read-only.
3.0.3
This release fixes a vulnerability that could be used to trigger either an open redirect attack or a Server-Side Request Forgery attack (see GHSA-75p7-527p-w8wp).
The fix requires applying a patch to youtube-dl to disable its generic extractor. If you are using the version of youtube-dl bundled with 3.0.3, it is already patched.
However, if you are using your own unpatched version of youtube-dl you might still be vulnerable.