CVE-2025-32943

Low CVSS: 3.7

The vulnerability allows any authenticated user to leak the contents of arbitrary “.m3u8” files from the PeerTube server due to a path traversal in the HLS endpoint.

Vendor

Framasoft

Product

Peertube

CWE

CWE-22

Yayın Tarihi

2025-04-15 11:15:45

Güncelleme

2025-10-10 16:52:10

Source Identifier

reefs@jfrog.com

KEV Date Added

Kategoriler

CWE-22 Peertube LOW Framasoft 2025

Referanslar

https://github.com/Chocobozzz/PeerTube/releases/tag/v7.1.1 https://research.jfrog.com/vulnerabilities/peertube-hls-path-traversal/ https://research.jfrog.com/vulnerabilities/peertube-hls-path-traversal/

Benzer Kayıtlar

High

CVE-2025-32947

This vulnerability allows any attacker to cause the PeerTube server to stop responding to requests due to an infinite lo…

High

CVE-2025-32948

The vulnerability allows any attacker to cause the PeerTube server to stop functioning, or in special cases send request…

Medium

CVE-2025-32949

This vulnerability allows any authenticated user to cause the server to consume very large amounts of disk space when ex…

Medium

CVE-2025-32944

The vulnerability allows any authenticated user to cause the PeerTube server to stop functioning in a persistent manner.…

Medium

CVE-2025-32945

The vulnerability allows an existing user to add playlists to a different user’s channel using the PeerTube REST API. Th…

Medium

CVE-2025-32946

This vulnerability allows any attacker to add playlists to a different user’s channel using the ActivityPub protocol. Th…