Fedify: ActivityPub server framework @fedify@hollo.social
Public

🚨 긴급 보안 업데이트 공지

Fedify에서 매우 심각한 보안 취약점(CVE-2025-54888)이 발견되어 핫픽스를 긴급 배포했습니다.

모든 사용자는 즉시 최신 패치 버전으로 업데이트해야 합니다.

자세한 내용과 업데이트 방법은 아래 링크를 참고해 주세요:

https://github.com/fedify-dev/fedify/discussions/361

### Summary An authentication bypass vulnerability allows any unauthenticated attacker to impersonate any ActivityPub actor by sending forged activities signed with their own keys. Activities are...

Improper Authentication and Incorrect Authorization in @fedify/fedify

### Summary An authentication bypass vulnerability allows any unauthenticated attacker to impersonate any ActivityPub actor by sending forged activities signed with their own keys. Activities are...

github.com · GitHub

Fedify: ActivityPub server framework @fedify@hollo.social
Public

🚨 緊急セキュリティアップデート通知

Fedifyで非常に深刻なセキュリティ脆弱性(CVE-2025-54888)が発見され、ホットフィックスを緊急リリースいたしました。

全ユーザーは直ちに最新のパッチバージョンにアップデートしてください。

詳細とアップデート方法については、以下のリンクをご参照ください:

https://github.com/fedify-dev/fedify/discussions/361

### Summary An authentication bypass vulnerability allows any unauthenticated attacker to impersonate any ActivityPub actor by sending forged activities signed with their own keys. Activities are...

Improper Authentication and Incorrect Authorization in @fedify/fedify

### Summary An authentication bypass vulnerability allows any unauthenticated attacker to impersonate any ActivityPub actor by sending forged activities signed with their own keys. Activities are...

github.com · GitHub

1
0
0

If you have a fediverse account, you can quote this note from your own instance. Search https://hollo.social/@fedify/01988790-77f0-77e2-8b5a-6ceb6e0a9ffc on your instance and quote it. (Note that quoting is not supported in Mastodon.)