### 🚨 Security Advisory: CVE-2025-68475
Fediverso
1
Posts
1
Posters
0
Views
-
🚨 Security Advisory: CVE-2025-68475
A ReDoS (Regular Expression Denial of Service) vulnerability has been discovered in Fedify's HTML parsing code. This vulnerability could allow a malicious federated server to cause denial of service by sending specially crafted HTML responses.
CVE ID CVE-2025-68475 Severity High (CVSS 7.5) Affected versions ≤1.9.1 Patched versions 1.6.13, 1.7.14, 1.8.15, 1.9.2 If you're running Fedify in production, please upgrade to one of the patched versions immediately.
For full details, see the security advisory:
https://github.com/fedify-dev/fedify/security/advisories/GHSA-rchf-xwx2-hm93Thank you to Yue (Knox) Liu for responsibly reporting this vulnerability.
#Fedify #ActivityPub #security #fediverse #fedidev
-
undefined hongminhee@hollo.social shared this topic
Gli ultimi otto messaggi ricevuti dalla Federazione
-
🚨 Security Advisory: CVE-2025-68475
A ReDoS (Regular Expression Denial of Service) vulnerability has been discovered in Fedify's HTML parsing code. This vulnerability could allow a malicious federated server to cause denial of service by sending specially crafted HTML responses.
CVE ID CVE-2025-68475 Severity High (CVSS 7.5) Affected versions ≤1.9.1 Patched versions 1.6.13, 1.7.14, 1.8.15, 1.9.2If you're running Fedify in production, please upgrade to one of the patched versions immediately.
For full details, see the security advisory:
https://github.com/fedify-dev/fedify/security/advisories/GHSA-rchf-xwx2-hm93Thank you to Yue (Knox) Liu for responsibly reporting this vulnerability.
#Fedify #ActivityPub #security #fediverse #fedidev
-
@russandro Se intendi citiverse.it è federato da quando è nato ossia da questa estate. Se invece intendi NodeBB, Allora credo che la federazione esista da meno di due anni
-
Week in Fediverse 2025-12-19
Servers
- Mbin v1.9.0
- stegodon v1.4.3
- PeerTube v8.0.1
- ActivityPub for WordPress v7.8.0
- Ktistec v3.2.4
- Manyfold v0.130.0
- Wafrn v2025.12.03
- Misskey v2025.12.1
- Gancio v1.28.2
- appy v0.4.0
- Loops v1.0.0-beta.6
- PieFed v1.3.8
- NodeBB v4.7.1
- Enigmatick ActivityPub C2S
- A year in Hubzilla development
- Photografedi: An ActivityPub powered photo sharing website! Inspired by Flickr and PixelfedClients
- PeerTube Mobile v2.0
- Voyager v2.42.0
- Blorp v1.10.1
- Interstellar v0.11.1Tools and Plugins
Articles
- Announcing Key Transparency for the Fediverse
- Adding a NSFW filter to Images on Writefreely
- Ghost's ActivityPub Integration Feels Half-Baked
- holos.social - How It Works
- Implementing Encrypted Messaging over ActivityPub
- Fediverse Report - #147-----
#WeekInFediverse #Fediverse #ActivityPub
Previous edition: https://mitra.social/objects/019b1423-50e8-e8c5-d918-9946b14bb67e
-
@snow grazie! Ce la mettiamo tutta 😅
-
@macfranc Bel lavoro.💪 @fediverso @informapirata @lealternative
-
@ilarioq grazie! 💗
-
@kathsone grazie mille. Rompere i giardini recintati è fondamentale
-
@cubilotto no, tranquillo. Feddit.it resta sempre là
