Headline
GHSA-jvxx-v45p-v5vf: Denial of Service (DoS) vulnerability in RSSHub
Impact
Passing some special values to the filter and filterout parameters can cause an abnormally high CPU. Impact on the performance of the servers and RSSHub services.
Patches
It is fixed in 5c4177441417b44a6e45c3c63e9eac2504abeb5b , please update to this or the later versions as soon as possible.
Credits
@Rongronggg9
References
A full report will be disclosed after 120 hours.
For more information
If you have any questions or comments about this advisory:
- Open an issue in https://github.com/DIYgod/RSSHub/issues
- Email us at [email protected]
Impact
Passing some special values to the filter and filterout parameters can cause an abnormally high CPU. Impact on the performance of the servers and RSSHub services.
Patches
It is fixed in 5c4177441417b44a6e45c3c63e9eac2504abeb5b , please update to this or the later versions as soon as possible.
Credits
@Rongronggg9
References
A full report will be disclosed after 120 hours.
For more information
If you have any questions or comments about this advisory:
- Open an issue in https://github.com/DIYgod/RSSHub/issues
- Email us at [email protected]
References
- GHSA-jvxx-v45p-v5vf
- DIYgod/RSSHub@4671720
- DIYgod/RSSHub@5c41774