This vulnerability allows any attacker to cause the PeerTube server to stop responding to requests due to an infinite loop in the "inbox" endpoint when receiving crafted ActivityPub activities.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HFramasoft Peertube
APPFramasoft< 7.1.1
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
Related vulnerabilities
CVE-2025-32948HIGH7.5ten sam produkt
The vulnerability allows any attacker to cause the PeerTube server to stop functioning, or in special cases se...
CVE-2022-0133HIGH7.5ten sam produkt
peertube is vulnerable to Improper Access Control
CVE-2022-0132HIGH7.5ten sam produkt
peertube is vulnerable to Server-Side Request Forgery (SSRF)
CVE-2025-32944MEDIUM6.5ten sam produkt
The vulnerability allows any authenticated user to cause the PeerTube server to stop functioning in a persiste...
CVE-2025-32945MEDIUM4.3ten sam produkt
The vulnerability allows an existing user to add playlists to a different user’s channel using the PeerTube RE...