Description

This vulnerability allows any attacker to cause the PeerTube server to stop responding to requests due to an infinite loop in the "inbox" endpoint when receiving crafted ActivityPub activities.

INFO

Published Date :

2025-04-15T14:45:29.905Z

Last Modified :

2025-08-20T08:58:08.702Z

Source :

JFROG
AFFECTED PRODUCTS

The following products are affected by CVE-2025-32947 vulnerability.

Vendors Products
Framasoft
  • Peertube
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-32947.

URL Resource
https://github.com/Chocobozzz/PeerTube/commit/76226d85685220db1495025300eca784d0336f7d cve-icon cve-icon
https://github.com/Chocobozzz/PeerTube/releases/tag/v7.1.1 cve-icon cve-icon
https://research.jfrog.com/vulnerabilities/peertube-activitypub-crawl-dos/ cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact