CVE-2024-47179
CVSS 3.1 Score 8.8 of 10 (high)
Details
Summary
CVE-2024-47179 is a vulnerability in RSSHub's `docker-test-cont.yml` GitHub Actions workflow, which was susceptible to Artifact Poisoning. The issue could have enabled a full repository takeover: the workflow collected information from the triggering Pull Request, set labels based on PR content, and downloaded an artifact that could contain attacker-controlled files. Before commit 64e00e7 the workflow did not validate the contents of that artifact, so an attacker could upload a `package.json` carrying a script and have it executed with the permissions of the privileged workflow. Commit 64e00e7 fixed the issue, and the RSSHub repository is no longer vulnerable. Downstream users of RSSHub were not affected.
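The mitigation class described above is to validate an artifact before a privileged job consumes it. The following is an added example of such a check, not RSSHub's code and not the content of commit 64e00e7: it treats the artifact as untrusted PR-controlled input, enforces an allow-list of expected file names (the names `test-results.json` and `coverage-summary.txt` are assumptions), rejects directories and symlinks, and flags any `package.json` that declares npm lifecycle hooks, since `npm install`/`npm ci` would run those automatically. The sample artifact trees are constructed in a temporary directory.

```python
"""Allow-list validation of a CI artifact before a privileged workflow uses it.

Added, hypothetical example: the expected file names and the checks below are
assumptions for illustration, not RSSHub's workflow or the fix in 64e00e7.
"""
import json
import tempfile
from pathlib import Path

# Files the downstream job legitimately needs from the artifact (assumed names).
ALLOWED_FILES = {"test-results.json", "coverage-summary.txt"}

# npm runs these automatically during install, so a package.json carrying any of
# them inside an attacker-controlled artifact is a code-execution vector.
NPM_LIFECYCLE_HOOKS = {"preinstall", "install", "postinstall", "prepare", "prepublish"}


def _check_package_json(path: Path, rel: str) -> list[str]:
    """Flag a package.json that declares lifecycle hooks (or cannot be parsed)."""
    try:
        manifest = json.loads(path.read_text(encoding="utf-8"))
    except (OSError, ValueError):
        return [f"unparseable package.json: {rel}"]
    scripts = manifest.get("scripts", {}) if isinstance(manifest, dict) else {}
    hooks = sorted(set(scripts) & NPM_LIFECYCLE_HOOKS)
    if hooks:
        return [f"package.json declares npm lifecycle hooks {hooks}: {rel}"]
    return []


def validate_artifact(root: Path) -> list[str]:
    """Return all violations found under `root`; an empty list means safe to consume."""
    root = root.resolve()
    violations: list[str] = []
    for path in sorted(root.rglob("*")):
        rel = path.relative_to(root).as_posix()
        if path.is_symlink():
            violations.append(f"symlink not allowed: {rel}")
            continue
        if path.is_dir():
            violations.append(f"unexpected directory: {rel}")
            continue
        if rel not in ALLOWED_FILES:
            violations.append(f"file not in allow-list: {rel}")
        # Checked even when package.json is allow-listed: defence in depth.
        if path.name == "package.json":
            violations.extend(_check_package_json(path, rel))
    return violations


def build_sample_artifact(root: Path, poisoned: bool) -> None:
    """Write a constructed artifact tree; `poisoned` adds a package.json with a hook."""
    (root / "test-results.json").write_text('{"passed": 12, "failed": 0}\n')
    (root / "coverage-summary.txt").write_text("lines: 91%\n")
    if poisoned:
        manifest = {"name": "constructed-sample", "scripts": {"postinstall": "echo CONSTRUCTED-HOOK"}}
        (root / "package.json").write_text(json.dumps(manifest))


def demo() -> dict[str, list[str]]:
    """Validate a clean and a poisoned constructed artifact; returns violations per case."""
    results: dict[str, list[str]] = {}
    for label, poisoned in (("clean", False), ("poisoned", True)):
        with tempfile.TemporaryDirectory() as tmp:
            root = Path(tmp)
            build_sample_artifact(root, poisoned)
            results[label] = validate_artifact(root)
    return results


if __name__ == "__main__":
    for label, found in demo().items():
        print(label, "->", found or "OK")
```

In a workflow, a step like this would run right after the download step and fail the job on a non-empty result, before any `npm` command or other consumer touches the artifact directory.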