{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-06T09:54:55.153","vulnerabilities":[{"cve":{"id":"CVE-2022-31110","sourceIdentifier":"security-advisories@github.com","published":"2022-06-29T18:15:08.973","lastModified":"2024-11-21T07:03:54.970","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"RSSHub is an open source, extensible RSS feed generator. In commits prior to 5c4177441417 passing some special values to the `filter` and `filterout` parameters can cause an abnormally high CPU. This results in an impact on the performance of the servers and RSSHub services which may lead to a denial of service. This issue has been fixed in commit 5c4177441417 and all users are advised to upgrade. There are no known workarounds for this issue."},{"lang":"es","value":"RSSHub es un generador de fuentes RSS extensible y de código abierto. En los commits anteriores a 5c4177441417 pasar algunos valores especiales a los parámetros \"filter\" y \"filterout\" puede causar un aumento anormal de la CPU. Esto resulta en un impacto en el rendimiento de los servidores y servicios de RSSHub que puede conllevar a una denegación de servicio. Este problema ha sido corregido en el commit 5c4177441417 y es recomendado a todos los usuarios actualizar. No se presentan mitigaciones conocidas para este problema"}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:P","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-400"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-1333"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:rsshub:rsshub:*:*:*:*:*:node.js:*:*","versionEndExcluding":"2022-06-21","matchCriteriaId":"9AA9F16E-B0E9-4D3B-8303-B1FD35978982"}]}]}],"references":[{"url":"https://github.com/DIYgod/RSSHub/commit/5c4177441417b44a6e45c3c63e9eac2504abeb5b","source":"security-advisories@github.com","tags":["Patch","Third Party Advisory"]},{"url":"https://github.com/DIYgod/RSSHub/issues/10045","source":"security-advisories@github.com","tags":["Exploit","Issue Tracking","Mitigation","Third Party Advisory"]},{"url":"https://github.com/DIYgod/RSSHub/security/advisories/GHSA-jvxx-v45p-v5vf","source":"security-advisories@github.com","tags":["Patch","Third Party Advisory"]},{"url":"https://github.com/DIYgod/RSSHub/commit/5c4177441417b44a6e45c3c63e9eac2504abeb5b","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]},{"url":"https://github.com/DIYgod/RSSHub/issues/10045","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Mitigation","Third Party Advisory"]},{"url":"https://github.com/DIYgod/RSSHub/security/advisories/GHSA-jvxx-v45p-v5vf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]}]}}]}