CVE-2022-31110

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Name of the Vulnerable Software and Affected Versions RSSHub versions prior to 5c4177441417

Description The issue arises when special values are passed to the filter and filterout parameters, causing abnormally high CPU usage. This impacts the performance of servers and RSSHub services, potentially leading to a denial of service.

Recommendations For versions prior to 5c4177441417, update to version 5c4177441417 or a later version as soon as possible to resolve the issue. As a temporary workaround, consider restricting the use of the filter and filterout parameters to minimize the risk of exploitation.

Exploit

Fix

Resource Exhaustion

DoS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-400CWE-1333

Related Identifiers

CVE-2022-31110

GHSA-JVXX-V45P-V5VF

Affected Products

Rsshub

CVE-2022-31110

Weakness Enumeration

Related Identifiers

Affected Products

References · 9