ГлавнаяУязвимости → CVE-2025-32947
7.5высокая

CVE-2025-32947

Описание

This vulnerability allows any attacker to cause the PeerTube server to stop responding to requests due to an infinite loop in the "inbox" endpoint when receiving crafted ActivityPub activities.

Затрагиваемое ПО
Framasoft Peertube
CVSS
Балл7.5 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Источники
https://github.com/Chocobozzz/PeerTube/commit/76226d85685220db1495025300eca784d0336f7dhttps://github.com/Chocobozzz/PeerTube/releases/tag/v7.1.1https://research.jfrog.com/vulnerabilities/peertube-activitypub-crawl-dos/