Shared by: ### 🔒 Security Release: BotKi…

@botkit@hollo.social

🔒 Security Release: BotKit 0.3.1

We've released BotKit 0.3.1 with an important security fix.

This update addresses CVE-2025-68475 (High severity, CVSS 7.5), a ReDoS vulnerability in Fedify's HTML parsing that could cause denial of service.

If you're using BotKit 0.3.x, please upgrade to 0.3.1 as soon as possible.

📦 Release notes
🔐 Security advisory

#BotKit #Fedify #ActivityPub #fediverse #security

github.com

ReDoS Vulnerability in HTML Parsing Regex

Hi Fedify team! 👋 Thank you for your work on Fedify—it's a fantastic library for building federated applications. While reviewing the codebase, I discovered a Regular Expression Denial of Servic...

4 shares

👁
@eyeinthesky@mastodon.social
Exploring technology’s depths — no hype, no fanaticism. Here for clear-eyed analysis, thoughtful exploration, and a balanced perspective on tech’s present and future. I also like travel, Stoic philosophy, Albert Camus, continuous learning, and good discussions.
fedicat
@fedicat@pc.cafe
The official account for the Fedicat fediverse iOS client available on TestFlight. I try to include other fediverse stuff to keep it interesting.
The Fulcrum 🏴‍☠️ ⛓️‍💥 🛠️
@thefulcrum@www.thefulcrum.dev
The Fulcrum (aka Reuben Walker - Journalist, Half-ass Philosopher, Techno Anarchist): Developers defending democracy, destroying autocracy, developing the Fediverse and OMN. #fediverse #OMN #programming #democracy #TechnoAnarchism #ActivityPub
Technical Discussion
@technical-discussion@activitypub.space
Technical discussion about ActivityPub-related topics.