Untriaged
Permalink
CVE-2025-68662
7.6 HIGH
- CVSS version: 3.1
- Attack vector (AV): NETWORK
- Attack complexity (AC): LOW
- Privileges required (PR): LOW
- User interaction (UI): NONE
- Scope (S): UNCHANGED
- Confidentiality impact (C): HIGH
- Integrity impact (I): LOW
- Availability impact (A): LOW
FinalDestination hostname matching allows SSRF protection bypass
Discourse is an open source discussion platform. In versions prior to 3.5.4, 2025.11.2, 2025.12.1, and 2026.1.0, a hostname validation issue in FinalDestination could allow bypassing SSRF protections under certain conditions. This issue is patched in versions 3.5.4, 2025.11.2, 2025.12.1, and 2026.1.0. No known workarounds are available.
References
- https://github.com/discourse/discourse/security/advisories/GHSA-gcfp-rjfc-925c x_refsource_CONFIRM
- https://github.com/discourse/discourse/security/advisories/GHSA-gcfp-rjfc-925c x_refsource_CONFIRM
Affected products
discourse
- ==>= 2025.12.0-latest, < 2025.12.1
- ==>= 2025.11.0-latest, < 2025.11.2
- ==>= 2026.1.0-latest, < 2026.1.0
- ==< 3.5.4
Matching in nixpkgs
pkgs.discourse
Discourse is an open source discussion platform
pkgs.discourseAllPlugins
Discourse is an open source discussion platform
pkgs.discourse-mail-receiver
Helper program which receives incoming mail for Discourse
pkgs.python312Packages.pydiscourse
Python library for working with Discourse
pkgs.python313Packages.pydiscourse
Python library for working with Discourse
pkgs.grafanaPlugins.grafana-discourse-datasource
Allows users to search and view topics, posts, users, tags, categories, and reports on a given Discourse forum through Grafana
Package maintainers
-
@talyz Kim Lindberger <kim.lindberger@gmail.com>
-
@Dettorer Paul Hervot <paul.hervot@dettorer.net>
-
@nagisa Simonas Kazlauskas <nixpkgs@kazlauskas.me>