Lucene search
+L

6 matches found

redhatcve
redhatcve
added 2025/02/05 8:17 a.m.5 views

CVE-2024-47179

RSSHub is an RSS network. Prior to commit 64e00e7, RSSHub's docker-test-cont.yml workflow is vulnerable to Artifact Poisoning, which could have lead to a full repository takeover. Downstream users of RSSHub are not vulnerable to this issue, and commit 64e00e7 fixed the underlying issue and made t...

8.8CVSS7AI score0.00735EPSS
Exploits0References1
nvd
nvd
added 2024/09/26 8:15 p.m.12 views

CVE-2024-47179

RSSHub is an RSS network. Prior to commit 64e00e7, RSSHub's docker-test-cont.yml workflow is vulnerable to Artifact Poisoning, which could have lead to a full repository takeover. Downstream users of RSSHub are not vulnerable to this issue, and commit 64e00e7 fixed the underlying issue and made t...

8.8CVSS0.00735EPSS
Exploits0References8
vulnrichment
vulnrichment
added 2024/09/26 7:10 p.m.11 views

CVE-2024-47179 RSSHub's `docker-test-cont.yml` workflow is vulnerable to Artifact Poisoning which may lead to a full repository takeover.

RSSHub is an RSS network. Prior to commit 64e00e7, RSSHub's docker-test-cont.yml workflow is vulnerable to Artifact Poisoning, which could have lead to a full repository takeover. Downstream users of RSSHub are not vulnerable to this issue, and commit 64e00e7 fixed the underlying issue and made t...

8.8CVSS7.3AI score0.00735EPSS
Exploits0References8
cvelist
cvelist
added 2024/09/26 7:10 p.m.21 views

CVE-2024-47179 RSSHub's `docker-test-cont.yml` workflow is vulnerable to Artifact Poisoning which may lead to a full repository takeover.

RSSHub is an RSS network. Prior to commit 64e00e7, RSSHub's docker-test-cont.yml workflow is vulnerable to Artifact Poisoning, which could have lead to a full repository takeover. Downstream users of RSSHub are not vulnerable to this issue, and commit 64e00e7 fixed the underlying issue and made t...

8.8CVSS0.00735EPSS
Exploits0References8
cve
cve
added 2024/09/26 7:10 p.m.48 views

CVE-2024-47179

RSSHub’s docker-test-cont.yml workflow was vulnerable to Artifact Poisoning prior to commit 64e00e7, allowing an attacker to exploit an unvalidated artifact (rsshub.tar.zst) and potentially gain a full repository takeover via a malicious package.json. Downstream users were not affected, and commi...

8.8CVSS8.7AI score0.00735EPSS
Exploits0References8
ptsecurity
ptsecurity
added 2024/09/26 12:0 a.m.4 views

PT-2024-32460 · Rsshub · Rsshub

Name of the Vulnerable Software and Affected Versions: RSSHub versions prior to commit 64e00e7 Description: RSSHub's docker-test-cont.yml workflow is vulnerable to Artifact Poisoning, which could have led to a full repository takeover. The workflow gets triggered when the PR - Docker build test...

8.8CVSS7.2AI score0.00735EPSS
Exploits0References17
Rows per page
Query Builder