CVE-2025-32946

{"id": "CVE-2025-32946", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "reefs@jfrog.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 3.9}]}, "published": "2025-04-15T13:15:55.360", "references": [{"url": "https://github.com/Chocobozzz/PeerTube/releases/tag/v7.1.1", "tags": ["Release Notes"], "source": "reefs@jfrog.com"}, {"url": "https://research.jfrog.com/vulnerabilities/peertube-arbitrary-playlist-creation-activitypub/", "tags": ["Exploit", "Third Party Advisory"], "source": "reefs@jfrog.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "reefs@jfrog.com", "description": [{"lang": "en", "value": "CWE-282"}]}], "descriptions": [{"lang": "en", "value": "This vulnerability allows any attacker to add playlists to a different user\u2019s channel using the ActivityPub protocol. The vulnerable code sets the owner of the new playlist to be the user who performed the request, and then sets the associated channel to the channel ID supplied by the request, without checking if it belongs to the user."}, {"lang": "es", "value": "Esta vulnerabilidad permite a cualquier atacante a\u00f1adir listas de reproducci\u00f3n al canal de otro usuario mediante el protocolo ActivityPub. El c\u00f3digo vulnerable establece que el propietario de la nueva lista de reproducci\u00f3n sea el usuario que realiz\u00f3 la solicitud y, a continuaci\u00f3n, establece el canal asociado con el ID de canal proporcionado por la solicitud, sin comprobar si pertenece al usuario."}], "lastModified": "2025-10-21T16:32:53.413", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:framasoft:peertube:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D8E26564-C5EB-4B35-9E6B-2B4C4297D307", "versionEndExcluding": "7.1.1"}], "operator": "OR"}]}], "sourceIdentifier": "reefs@jfrog.com"}