### ๐จ Security Advisory: CVE-2025-68475
Fediverso
1
Posts
1
Posters
0
Views
-
๐จ Security Advisory: CVE-2025-68475
A ReDoS (Regular Expression Denial of Service) vulnerability has been discovered in Fedify's HTML parsing code. This vulnerability could allow a malicious federated server to cause denial of service by sending specially crafted HTML responses.
CVE ID CVE-2025-68475 Severity High (CVSS 7.5) Affected versions โค1.9.1 Patched versions 1.6.13, 1.7.14, 1.8.15, 1.9.2 If you're running Fedify in production, please upgrade to one of the patched versions immediately.
For full details, see the security advisory:
https://github.com/fedify-dev/fedify/security/advisories/GHSA-rchf-xwx2-hm93Thank you to Yue (Knox) Liu for responsibly reporting this vulnerability.
#Fedify #ActivityPub #security #fediverse #fedidev
-
undefined hongminhee@hollo.social shared this topic
Gli ultimi otto messaggi ricevuti dalla Federazione
-
๐จ Security Advisory: CVE-2025-68475
A ReDoS (Regular Expression Denial of Service) vulnerability has been discovered in Fedify's HTML parsing code. This vulnerability could allow a malicious federated server to cause denial of service by sending specially crafted HTML responses.
CVE ID CVE-2025-68475 Severity High (CVSS 7.5) Affected versions โค1.9.1 Patched versions 1.6.13, 1.7.14, 1.8.15, 1.9.2If you're running Fedify in production, please upgrade to one of the patched versions immediately.
For full details, see the security advisory:
https://github.com/fedify-dev/fedify/security/advisories/GHSA-rchf-xwx2-hm93Thank you to Yue (Knox) Liu for responsibly reporting this vulnerability.
#Fedify #ActivityPub #security #fediverse #fedidev
-
@russandro Se intendi citiverse.it รจ federato da quando รจ nato ossia da questa estate. Se invece intendi NodeBB, Allora credo che la federazione esista da meno di due anni
-
Week in Fediverse 2025-12-19
Servers
- Mbin v1.9.0
- stegodon v1.4.3
- PeerTube v8.0.1
- ActivityPub for WordPress v7.8.0
- Ktistec v3.2.4
- Manyfold v0.130.0
- Wafrn v2025.12.03
- Misskey v2025.12.1
- Gancio v1.28.2
- appy v0.4.0
- Loops v1.0.0-beta.6
- PieFed v1.3.8
- NodeBB v4.7.1
- Enigmatick ActivityPub C2S
- A year in Hubzilla development
- Photografedi: An ActivityPub powered photo sharing website! Inspired by Flickr and PixelfedClients
- PeerTube Mobile v2.0
- Voyager v2.42.0
- Blorp v1.10.1
- Interstellar v0.11.1Tools and Plugins
Articles
- Announcing Key Transparency for the Fediverse
- Adding a NSFW filter to Images on Writefreely
- Ghost's ActivityPub Integration Feels Half-Baked
- holos.social - How It Works
- Implementing Encrypted Messaging over ActivityPub
- Fediverse Report - #147-----
#WeekInFediverse #Fediverse #ActivityPub
Previous edition: https://mitra.social/objects/019b1423-50e8-e8c5-d918-9946b14bb67e
-
@snow grazie! Ce la mettiamo tutta ๐
-
@macfranc Bel lavoro.๐ช @fediverso @informapirata @lealternative
-
@ilarioq grazie! ๐
-
@kathsone grazie mille. Rompere i giardini recintati รจ fondamentale
-
@cubilotto no, tranquillo. Feddit.it resta sempre lร
