Skip to main content

Peertube CVE-2022-0727

MEDIUM
Improper Access Control (CWE-284)
2022-02-23 security@huntr.dev
5.4
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.4 MEDIUM
AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
Low
Availability
None

Lifecycle Timeline

1
CVE Published
Feb 23, 2022 - 14:15 nvd
MEDIUM 5.4

DescriptionNVD

Improper Access Control in GitHub repository chocobozzz/peertube prior to 4.1.0.

AnalysisAI

Improper Access Control in GitHub repository chocobozzz/peertube prior to 4.1.0. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Technical ContextAI

This vulnerability is classified under CWE-284. Improper Access Control in GitHub repository chocobozzz/peertube prior to 4.1.0. Affected products include: Framasoft Peertube. Version information: prior to 4.1.0..

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2025-32948 HIGH POC
7.5 Apr 15

The vulnerability allows any attacker to cause the PeerTube server to stop functioning, or in special cases send request

CVE-2025-32947 HIGH POC
7.5 Apr 15

This vulnerability allows any attacker to cause the PeerTube server to stop responding to requests due to an infinite lo

CVE-2025-32949 MEDIUM POC
6.5 Apr 15

This vulnerability allows any authenticated user to cause the server to consume very large amounts of disk space when ex

CVE-2025-32944 MEDIUM POC
6.5 Apr 15

The vulnerability allows any authenticated user to cause the PeerTube server to stop functioning in a persistent manner.

CVE-2022-0881 MEDIUM POC
6.5 Mar 09

Insecure Storage of Sensitive Information in GitHub repository chocobozzz/peertube prior to 4.1.1. Rated medium severity

CVE-2021-3780 MEDIUM POC
6.1 Sep 15

peertube is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'). Rated me

CVE-2022-0726 MEDIUM POC
5.4 Feb 23

Missing Authorization in GitHub repository chocobozzz/peertube prior to 4.1.0. Rated medium severity (CVSS 5.4), this vu

CVE-2025-32946 MEDIUM POC
5.3 Apr 15

This vulnerability allows any attacker to add playlists to a different user’s channel using the ActivityPub protocol. Ra

CVE-2025-32945 MEDIUM POC
4.3 Apr 15

The vulnerability allows an existing user to add playlists to a different user’s channel using the PeerTube REST API. Ra

CVE-2025-32943 LOW POC
3.7 Apr 15

The vulnerability allows any authenticated user to leak the contents of arbitrary “.m3u8” files from the PeerTube server

CVE-2026-57167 MEDIUM
5.1 Jul 10

Stored XSS in PeerTube before version 8.2.2 allows any authenticated uploader to inject arbitrary HTML and JavaScript in

Share

CVE-2022-0727 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy