CVE-2025-46553

Low CVSS: 2.1

@misskey-dev/summaly is a tool for getting a summary of a web page. Starting in version 3.0.1 and prior to version 5.2.1, a logic error in the main `summaly` function causes the `allowRedirects` option to never be passed to any plugins, and as a result, isn't enforced. Misskey will follow redirects, despite explicitly requesting not to. Version 5.2.1 contains a patch for the issue.

Vendor

Misskey

Product

Summaly

CWE

CWE-601

Yayın Tarihi

2025-05-05 19:15:56

Güncelleme

2025-12-01 13:49:38

Source Identifier

security-advisories@github.com

KEV Date Added

Kategoriler

CWE-601 Summaly LOW Misskey 2025

Referanslar

https://github.com/misskey-dev/summaly/commit/45153b4f08a772c395a13f7a25399dd87ed022ed https://github.com/misskey-dev/summaly/security/advisories/GHSA-7899-w6c4-vqc4

Benzer Kayıtlar

Critical

CVE-2026-28431

Misskey is an open source, federated social media platform. All Misskey servers running versions 8.45.0 and later, but p…

High

CVE-2026-28432

Misskey is an open source, federated social media platform. All Misskey servers prior to 2026.3.1 contain a vulnerabilit…

Low

CVE-2026-28433

Misskey is an open source, federated social media platform. All Misskey servers running versions 10.93.0 and later, but…

High

CVE-2025-66402

Misskey is an open source, federated social media platform. Starting in version 13.0.0-beta.16 and prior to version 2025…

Medium

CVE-2025-66482

Misskey is an open source, federated social media platform. Attackers who use an untrusted reverse proxy or not using a…

High

CVE-2025-46340

Misskey is an open source, federated social media platform. Starting in version 12.0.0 and prior to version 2025.4.1, du…