CVE-2022-31110

RSSHub is an open source, extensible RSS feed generator. In commits prior to 5c4177441417 passing some special values to the `filter` and `filterout` parameters can cause an abnormally high CPU. This results in an impact on the performance of the servers and RSSHub services which may lead to a denial of service. This issue has been fixed in commit 5c4177441417 and all users are advised to upgrade. There are no known workarounds for this issue.
References
Configurations

Configuration 1 (hide)

cpe:2.3:a:rsshub:rsshub:*:*:*:*:*:node.js:*:*

History

24 Jul 2023, 13:17

Type Values Removed Values Added
CWE CWE-400 CWE-1333

Information

Published : 2022-06-29 18:15

Updated : 2024-02-28 19:09


NVD link : CVE-2022-31110

Mitre link : CVE-2022-31110

CVE.ORG link : CVE-2022-31110


JSON object : View

Products Affected

rsshub

  • rsshub
CWE
CWE-1333

Inefficient Regular Expression Complexity

CWE-400

Uncontrolled Resource Consumption