5 matches found
CVE-2025-25286
Crayfish is a collection of Islandora 8 microservices, one of which, Homarus, provides FFmpeg as a microservice. Prior to Crayfish version 4.1.0, remote code execution may be possible in web-accessible installations of Homarus in certain configurations. The issue has been patched in...
CVE-2025-25286
creationtimestamp| type| source ---|---|--- 2025-02-13 02:48:41+00:00| seen| https://mastodon.social/users/CyberSignaler/statuses/113994296257127308 2025-02-13 03:00:57+00:00| seen| Telegram/r090prh8PzjJEh682vcQnlDcJfJK4dwz44titdcQaapqPXQ 2025-02-13 04:25:09+00:00| seen|...
CVE-2025-25286 Crayfish allows Remote Code Execution via Homarus Authorization header
Crayfish is a collection of Islandora 8 microservices, one of which, Homarus, provides FFmpeg as a microservice. Prior to Crayfish version 4.1.0, remote code execution may be possible in web-accessible installations of Homarus in certain configurations. The issue has been patched in...
CVE-2025-25286
CVE-2025-25286 affects Crayfish’s Homarus FFmpeg microservice. Prior to Crayfish 4.1.0, remote code execution could occur in web-accessible installations in certain configurations. The issue has been patched in islandora/crayfish:4.1.0. Workarounds include preventing Internet access to Homarus or...
CVE-2025-25286 Crayfish allows Remote Code Execution via Homarus Authorization header
Crayfish is a collection of Islandora 8 microservices, one of which, Homarus, provides FFmpeg as a microservice. Prior to Crayfish version 4.1.0, remote code execution may be possible in web-accessible installations of Homarus in certain configurations. The issue has been patched in...