Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:npm/rsshub@1.0.0-master.02bdf8d
Typenpm
Namespace
Namersshub
Version1.0.0-master.02bdf8d
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version1.0.0-master.a429472
Latest_non_vulnerable_version1.0.0-master.e2a57e4
Affected_by_vulnerabilities
0
url VCID-4p7c-5fba-wydx
vulnerability_id VCID-4p7c-5fba-wydx
summary RSSHub is an open source, extensible RSS feed generator. In commits prior to 5c4177441417 passing some special values to the `filter` and `filterout` parameters can cause an abnormally high CPU. This results in an impact on the performance of the servers and RSSHub services which may lead to a denial of service. This issue has been fixed in commit 5c4177441417 and all users are advised to upgrade. There are no known workarounds for this issue.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-31110
reference_id
reference_type
scores
0
value 0.00557
scoring_system epss
scoring_elements 0.6874
published_at 2026-06-12T12:55:00Z
1
value 0.00557
scoring_system epss
scoring_elements 0.68749
published_at 2026-06-14T12:55:00Z
2
value 0.00557
scoring_system epss
scoring_elements 0.68648
published_at 2026-06-11T12:55:00Z
3
value 0.00557
scoring_system epss
scoring_elements 0.68753
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-31110
1
reference_url https://github.com/DIYgod/RSSHub
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/DIYgod/RSSHub
2
reference_url https://github.com/DIYgod/RSSHub/commit/4671720f4c5e1aaaad8fcc1dce684b6546baf2ff
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/DIYgod/RSSHub/commit/4671720f4c5e1aaaad8fcc1dce684b6546baf2ff
3
reference_url https://github.com/DIYgod/RSSHub/issues/10045
reference_id 10045
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:40:33Z/
url https://github.com/DIYgod/RSSHub/issues/10045
4
reference_url https://github.com/DIYgod/RSSHub/commit/5c4177441417b44a6e45c3c63e9eac2504abeb5b
reference_id 5c4177441417b44a6e45c3c63e9eac2504abeb5b
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:40:33Z/
url https://github.com/DIYgod/RSSHub/commit/5c4177441417b44a6e45c3c63e9eac2504abeb5b
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-31110
reference_id CVE-2022-31110
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-31110
6
reference_url https://github.com/advisories/GHSA-jvxx-v45p-v5vf
reference_id GHSA-jvxx-v45p-v5vf
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jvxx-v45p-v5vf
7
reference_url https://github.com/DIYgod/RSSHub/security/advisories/GHSA-jvxx-v45p-v5vf
reference_id GHSA-jvxx-v45p-v5vf
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:40:33Z/
url https://github.com/DIYgod/RSSHub/security/advisories/GHSA-jvxx-v45p-v5vf
fixed_packages
aliases CVE-2022-31110, GHSA-jvxx-v45p-v5vf, GMS-2022-2614
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4p7c-5fba-wydx
1
url VCID-epn5-5x69-jqen
vulnerability_id VCID-epn5-5x69-jqen
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-21278
reference_id
reference_type
scores
0
value 0.00451
scoring_system epss
scoring_elements 0.64141
published_at 2026-06-11T12:55:00Z
1
value 0.00451
scoring_system epss
scoring_elements 0.64244
published_at 2026-06-12T12:55:00Z
2
value 0.00451
scoring_system epss
scoring_elements 0.64257
published_at 2026-06-13T12:55:00Z
3
value 0.00451
scoring_system epss
scoring_elements 0.64253
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-21278
1
reference_url https://github.com/DIYgod/RSSHub
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/DIYgod/RSSHub
2
reference_url https://github.com/DIYgod/RSSHub/commit/7f1c43094e8a82e4d8f036ff7d42568fed00699d
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/DIYgod/RSSHub/commit/7f1c43094e8a82e4d8f036ff7d42568fed00699d
3
reference_url https://github.com/DIYgod/RSSHub/security/advisories/GHSA-pgjj-866w-fc5c
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/DIYgod/RSSHub/security/advisories/GHSA-pgjj-866w-fc5c
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-21278
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-21278
5
reference_url https://www.npmjs.com/package/rsshub
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.npmjs.com/package/rsshub
6
reference_url https://github.com/advisories/GHSA-pgjj-866w-fc5c
reference_id GHSA-pgjj-866w-fc5c
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-pgjj-866w-fc5c
fixed_packages
0
url pkg:npm/rsshub@1.0.0-master.bda9d72
purl pkg:npm/rsshub@1.0.0-master.bda9d72
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4p7c-5fba-wydx
1
vulnerability VCID-hbfe-umpg-ybec
2
vulnerability VCID-rwf1-ppes-xkh3
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/rsshub@1.0.0-master.bda9d72
aliases CVE-2021-21278, GHSA-pgjj-866w-fc5c
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-epn5-5x69-jqen
2
url VCID-hbfe-umpg-ybec
vulnerability_id VCID-hbfe-umpg-ybec
summary RSSHub is an open source and extensible RSS feed generator. When the URL parameters contain certain special characters, it returns an error page that does not properly handle XSS vulnerabilities, allowing for the execution of arbitrary JavaScript code. Users who access the deliberately constructed URL are affected. This vulnerability was fixed in version c910c4d28717fb860fbe064736641f379fab2c91. Please upgrade to this or a later version, there are no known workarounds.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-26491
reference_id
reference_type
scores
0
value 0.00838
scoring_system epss
scoring_elements 0.752
published_at 2026-06-13T12:55:00Z
1
value 0.00838
scoring_system epss
scoring_elements 0.75196
published_at 2026-06-14T12:55:00Z
2
value 0.00838
scoring_system epss
scoring_elements 0.75117
published_at 2026-06-11T12:55:00Z
3
value 0.00838
scoring_system epss
scoring_elements 0.75187
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-26491
1
reference_url https://github.com/DIYgod/RSSHub
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/DIYgod/RSSHub
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-26491
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-26491
3
reference_url https://github.com/DIYgod/RSSHub/commit/c910c4d28717fb860fbe064736641f379fab2c91
reference_id c910c4d28717fb860fbe064736641f379fab2c91
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
1
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-25T14:30:31Z/
url https://github.com/DIYgod/RSSHub/commit/c910c4d28717fb860fbe064736641f379fab2c91
4
reference_url https://github.com/advisories/GHSA-32gr-4cq6-5w5q
reference_id GHSA-32gr-4cq6-5w5q
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-32gr-4cq6-5w5q
5
reference_url https://github.com/DIYgod/RSSHub/security/advisories/GHSA-32gr-4cq6-5w5q
reference_id GHSA-32gr-4cq6-5w5q
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
1
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
2
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-25T14:30:31Z/
url https://github.com/DIYgod/RSSHub/security/advisories/GHSA-32gr-4cq6-5w5q
fixed_packages
0
url pkg:npm/rsshub@1.0.0-master.c910c4d
purl pkg:npm/rsshub@1.0.0-master.c910c4d
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/rsshub@1.0.0-master.c910c4d
aliases CVE-2023-26491, GHSA-32gr-4cq6-5w5q, GMS-2023-534
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hbfe-umpg-ybec
3
url VCID-nn7t-5bp3-abca
vulnerability_id VCID-nn7t-5bp3-abca
summary RSSHub is an open source RSS feed generator. Prior to version 1.0.0-master.a429472, RSSHub allows remote attackers to use the server as a proxy to send HTTP GET requests to arbitrary targets and retrieve information in the internal network or conduct Denial-of-Service (DoS) attacks. The attacker can send malicious requests to a RSSHub server, to make the server send HTTP GET requests to arbitrary destinations and see partial responses. This may lead to leak the server IP address, which could be hidden behind a CDN; retrieving information in the internal network, e.g. which addresses/ports are accessible, the titles and meta descriptions of HTML pages; and denial of service amplification. The attacker could request the server to download some large files, or chain several SSRF requests in a single attacker request.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-27927
reference_id
reference_type
scores
0
value 0.01376
scoring_system epss
scoring_elements 0.80724
published_at 2026-06-14T12:55:00Z
1
value 0.01376
scoring_system epss
scoring_elements 0.80661
published_at 2026-06-11T12:55:00Z
2
value 0.01376
scoring_system epss
scoring_elements 0.80721
published_at 2026-06-12T12:55:00Z
3
value 0.01376
scoring_system epss
scoring_elements 0.80733
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-27927
1
reference_url https://github.com/DIYgod/RSSHub
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/DIYgod/RSSHub
2
reference_url https://github.com/DIYgod/RSSHub/commit/a42947231104a9ec3436fc52cedb31740c9a7069
reference_id a42947231104a9ec3436fc52cedb31740c9a7069
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-05T15:40:32Z/
url https://github.com/DIYgod/RSSHub/commit/a42947231104a9ec3436fc52cedb31740c9a7069
3
reference_url https://github.com/DIYgod/RSSHub/blob/5928c5db2472e101c2f5c3bafed77a2f72edd40a/lib/routes/mastodon/acct.js#L4-L7
reference_id acct.js#L4-L7
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-05T15:40:32Z/
url https://github.com/DIYgod/RSSHub/blob/5928c5db2472e101c2f5c3bafed77a2f72edd40a/lib/routes/mastodon/acct.js#L4-L7
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-27927
reference_id CVE-2024-27927
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-27927
5
reference_url https://github.com/advisories/GHSA-3p3p-cgj7-vgw3
reference_id GHSA-3p3p-cgj7-vgw3
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-3p3p-cgj7-vgw3
6
reference_url https://github.com/DIYgod/RSSHub/security/advisories/GHSA-3p3p-cgj7-vgw3
reference_id GHSA-3p3p-cgj7-vgw3
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-05T15:40:32Z/
url https://github.com/DIYgod/RSSHub/security/advisories/GHSA-3p3p-cgj7-vgw3
7
reference_url https://github.com/DIYgod/RSSHub/blob/172f6cfd2b69ea6affdbdedf61e6dde1671f3796/lib/routes/m4/index.js#L10-L14
reference_id index.js#L10-L14
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-05T15:40:32Z/
url https://github.com/DIYgod/RSSHub/blob/172f6cfd2b69ea6affdbdedf61e6dde1671f3796/lib/routes/m4/index.js#L10-L14
8
reference_url https://github.com/DIYgod/RSSHub/blob/172f6cfd2b69ea6affdbdedf61e6dde1671f3796/lib/routes/zjol/paper.js#L7-L13
reference_id paper.js#L7-L13
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-05T15:40:32Z/
url https://github.com/DIYgod/RSSHub/blob/172f6cfd2b69ea6affdbdedf61e6dde1671f3796/lib/routes/zjol/paper.js#L7-L13
9
reference_url https://github.com/DIYgod/RSSHub/blob/5928c5db2472e101c2f5c3bafed77a2f72edd40a/lib/routes/mastodon/utils.js#L85-L105
reference_id utils.js#L85-L105
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-05T15:40:32Z/
url https://github.com/DIYgod/RSSHub/blob/5928c5db2472e101c2f5c3bafed77a2f72edd40a/lib/routes/mastodon/utils.js#L85-L105
fixed_packages
0
url pkg:npm/rsshub@1.0.0-master.a429472
purl pkg:npm/rsshub@1.0.0-master.a429472
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/rsshub@1.0.0-master.a429472
aliases CVE-2024-27927, GHSA-3p3p-cgj7-vgw3
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nn7t-5bp3-abca
4
url VCID-rwf1-ppes-xkh3
vulnerability_id VCID-rwf1-ppes-xkh3
summary RSSHub is an open source RSS feed generator. RSSHub is vulnerable to Server-Side Request Forgery (SSRF) attacks. This vulnerability allows an attacker to send arbitrary HTTP requests from the server to other servers or resources on the network. An attacker can exploit this vulnerability by sending a request to the affected routes with a malicious URL. An attacker could also use this vulnerability to send requests to internal or any other servers or resources on the network, potentially gain access to sensitive information that would not normally be accessible and amplifying the impact of the attack. The patch for this issue can be found in commit a66cbcf.
references
0
reference_url https://advisory.dw1.io/56
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://advisory.dw1.io/56
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-22493
reference_id
reference_type
scores
0
value 0.00124
scoring_system epss
scoring_elements 0.31377
published_at 2026-06-14T12:55:00Z
1
value 0.00124
scoring_system epss
scoring_elements 0.31396
published_at 2026-06-13T12:55:00Z
2
value 0.00124
scoring_system epss
scoring_elements 0.31185
published_at 2026-06-11T12:55:00Z
3
value 0.00124
scoring_system epss
scoring_elements 0.31378
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-22493
2
reference_url https://github.com/DIYgod/RSSHub
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/DIYgod/RSSHub
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-22493
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-22493
4
reference_url https://github.com/DIYgod/RSSHub/pull/11588
reference_id 11588
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-10T21:01:38Z/
url https://github.com/DIYgod/RSSHub/pull/11588
5
reference_url https://github.com/DIYgod/RSSHub/commit/a66cbcf6eebc700bf97ab097f404f16ab415506a
reference_id a66cbcf6eebc700bf97ab097f404f16ab415506a
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-10T21:01:38Z/
url https://github.com/DIYgod/RSSHub/commit/a66cbcf6eebc700bf97ab097f404f16ab415506a
6
reference_url https://github.com/advisories/GHSA-64wp-jh9p-5cg2
reference_id GHSA-64wp-jh9p-5cg2
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-64wp-jh9p-5cg2
7
reference_url https://github.com/DIYgod/RSSHub/security/advisories/GHSA-64wp-jh9p-5cg2
reference_id GHSA-64wp-jh9p-5cg2
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:L
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-10T21:01:38Z/
url https://github.com/DIYgod/RSSHub/security/advisories/GHSA-64wp-jh9p-5cg2
fixed_packages
0
url pkg:npm/rsshub@1.0.0-master.a66cbcf
purl pkg:npm/rsshub@1.0.0-master.a66cbcf
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-hbfe-umpg-ybec
1
vulnerability VCID-rwf1-ppes-xkh3
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/rsshub@1.0.0-master.a66cbcf
1
url pkg:npm/rsshub@1.0.0-master.e2a57e4
purl pkg:npm/rsshub@1.0.0-master.e2a57e4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/rsshub@1.0.0-master.e2a57e4
aliases CVE-2023-22493, GHSA-64wp-jh9p-5cg2, GMS-2023-27
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rwf1-ppes-xkh3
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:npm/rsshub@1.0.0-master.02bdf8d