Lucene search
GoogleOSV:GHSA-JVXX-V45P-V5VFHistoryJun 23, 2022 - 6:45 a.m.
Denial of Service (DoS) vulnerability in RSSHub
2022-06-2306:45:03
Google
osv.dev
12
rsshub
dos vulnerability
cpu usage
EPSS
0.002
Percentile
60.7%
Impact
Passing some special values to the filter and filterout parameters can cause an abnormally high CPU. Impact on the performance of the servers and RSSHub services.
Patches
It is fixed in 5c4177441417b44a6e45c3c63e9eac2504abeb5b , please update to this or the later versions as soon as possible.
References
Full report: https://github.com/DIYgod/RSSHub/issues/10045
For more information
If you have any questions or comments about this advisory:
- Open an issue in <https://github.com/DIYgod/RSSHub/issues>
- Email us at [email protected]
Credits
@Rongronggg9
References
github.com/DIYgod/RSSHub
github.com/DIYgod/RSSHub/commit/4671720f4c5e1aaaad8fcc1dce684b6546baf2ff
github.com/DIYgod/RSSHub/commit/5c4177441417b44a6e45c3c63e9eac2504abeb5b
github.com/DIYgod/RSSHub/issues/10045
github.com/DIYgod/RSSHub/security/advisories/GHSA-jvxx-v45p-v5vf
nvd.nist.gov/vuln/detail/CVE-2022-31110
Related
veracode
veracode
Denial Of Service (DoS)
2022-06-24 10:07:37
prion
prion
Design/Logic Flaw
2022-06-29 18:15:00
osv
osv
CVE-2022-31110
2022-06-29 18:15:08
github
github
Denial of Service (DoS) vulnerability in RSSHub
2022-06-23 06:45:03
cve
cve
CVE-2022-31110
2022-06-29 18:15:08
cvelist
cvelist
CVE-2022-31110 Denial of Service (DoS) vulnerability in RSSHub
2022-06-29 18:00:18
nvd
nvd
CVE-2022-31110
2022-06-29 18:15:08