NotificationsYou must be signed in to change notification settings
Fork8.3k
Star37.6k

Security

SECURITY.md

Security Policy

Supported Version

Latest commits in master branch

Reporting a Vulnerability

If you believe you have found a security vulnerability in RSSHub, please let us know right away, you canopen a draft security advisory or email us ati@diygod.me. We will investigate all legitimate reports and do our best to quickly fix the problem.

RSSHub's `docker-test-cont.yml` workflow is vulnerable to Artifact Poisoning which may lead to a full repository takeover.
GHSA-9mqc-fm24-h8cw publishedSep 26, 2024 byDIYgod
Critical
XSS vulnerability caused by internal media proxy
GHSA-2wqw-hr4f-xrhh publishedMar 5, 2024 byDIYgod
Moderate
RSSHub SSRF vulnerabilities in /mastodon, /zjoi, and /m4
GHSA-3p3p-cgj7-vgw3 publishedMar 5, 2024 byDIYgod
Moderate
XSS vulnerability caused by unvalidated URL parameters
GHSA-32gr-4cq6-5w5q publishedFeb 28, 2023 byDIYgod
Moderate
SSRF vulnerability
GHSA-64wp-jh9p-5cg2 publishedJan 11, 2023 byDIYgod
High
Denial of Service (DoS) vulnerability
GHSA-jvxx-v45p-v5vf publishedJun 22, 2022 byDIYgod
High
Risk of code injection
GHSA-pgjj-866w-fc5c publishedJan 26, 2021 byDIYgod
Moderate

Learn more about advisories related toDIYgod/RSSHub in theGitHub Advisory Database

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Security

SECURITY.md

Security Policy

Supported Version

Reporting a Vulnerability

Movatterモバイル変換

Security: DIYgod/RSSHub

Security

SECURITY.md

Security Policy

Supported Version

Reporting a Vulnerability